
Splunk Integration

Sophie Dodson

A tech-savvy author, seamlessly integrating computer science and computer graphic design expertise for a precision-focused approach in her writing, currently specializing in cybersecurity topics.

Ready to get started? Download the step-by-step guide below.

A key selling point of Admin By Request is the valuable Auditlog data we collect. All significant security events, such as Requests for elevated privileges, software installs and uninstalls, and programs run as administrator, are logged in the Admin By Request User Portal for further use if necessary.

However, with large enterprises today generating gigabytes of data on a daily basis, it makes sense to give our customers the ability to manage this data in a tool of their choice – specifically, one designed for handling copious amounts of data from many different sources.

Our latest integration for Splunk does just that.

What the Integration Offers

This integration is simple: get Auditlog data sent in real-time from your User Portal to your Splunk environment to be indexed, structured, analyzed, and searched your way.

Never miss a beat with what’s happening in terms of elevated privileges and access in your organization.

Extra visibility, security, and insight without having to find your way around new software? Check ✔

How It Works

This integration uses Splunk’s HTTP Event Collection (HEC) functionality combined with Admin By Request webhooks. Get it going in three simple steps:

  1. Set Up a Splunk HEC Channel – HEC is essentially an HTTP endpoint for your Splunk instance with an authorization token, which allows you to send data into Splunk.
  2. Define Webhook in Admin By Request – With Admin By Request webhooks (also referred to as a web callback or HTTP push API) you can subscribe to events in real-time instead of pulling data out in intervals.
  3. Receive Events – Auditlog events, such as Requests for elevated access, are now sent to the HEC endpoint.
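To check the HEC channel from step 1 before pointing a webhook at it, the following added example (not Admin By Request's or Splunk's own code) builds the request a HEC endpoint expects: a POST to `/services/collector/event` with an `Authorization: Splunk <token>` header and a JSON envelope. The host name, token, `abr:auditlog` sourcetype and event fields are constructed placeholders, not the real Auditlog schema.

```python
import json
import urllib.request
from urllib.parse import urlsplit

HEC_PATH = "/services/collector/event"  # Splunk HEC endpoint for JSON events


def build_hec_request(base_url, token, event, sourcetype="abr:auditlog", epoch=None):
    """Wrap one audit event in a HEC envelope and return an unsent Request."""
    parts = urlsplit(base_url)
    # The token is a bearer credential: refuse to put it on a cleartext channel.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("HEC base URL must be https://host[:port]")
    if not token or any(c.isspace() for c in token):
        raise ValueError("HEC token is empty or malformed")
    envelope = {"event": event, "sourcetype": sourcetype}  # sourcetype is hypothetical
    if epoch is not None:
        envelope["time"] = epoch  # epoch seconds; if omitted Splunk uses receive time
    body = json.dumps(envelope, separators=(",", ":")).encode("utf-8")
    return urllib.request.Request(
        url=f"https://{parts.netloc}{HEC_PATH}",
        data=body,
        method="POST",
        headers={
            "Authorization": f"Splunk {token}",  # HEC authorization scheme
            "Content-Type": "application/json",
        },
    )


def redacted_headers(req):
    """Headers that are safe to log: the token value is masked."""
    return {k: ("Splunk ****" if k.lower() == "authorization" else v)
            for k, v in req.header_items()}


# Constructed sample event; field names are illustrative only.
SAMPLE_EVENT = {"type": "elevation_request", "user": "jdoe", "computer": "WS-0142",
                "application": "installer.exe", "status": "approved"}
PLACEHOLDER_TOKEN = "00000000-0000-0000-0000-000000000000"

if __name__ == "__main__":
    req = build_hec_request("https://splunk.example.com:8088", PLACEHOLDER_TOKEN,
                            SAMPLE_EVENT, epoch=1700000000)
    print(req.get_method(), req.full_url)
    print(redacted_headers(req))
    print(req.data.decode())
```

Passing the returned object to `urllib.request.urlopen` sends it; keep the real token in a secret store rather than in source, since anyone holding it can write events into the index.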

Get started below with the self-service integration manual.

Something Amiss?

If you’ve identified a bug or have a suggestion for this integration, head to the Contact page and let us know.
