Hi Gentlemen,
I'm working for an API security company; we provide vulnerability detection and real-time detection and prevention.
We are now working on integrating our platform with Splunk, and some questions popped up as part of the process:
To which versions and products of Splunk should we make the integration? Is it a generic integration for all of them, where we only need to switch platform, or is it different for each one?
How should we send the data to Splunk? We thought about syslog; is there any other recommended way?
What kind of data is most recommended that we send to Splunk?
Can we create rules and actions through the integration with Splunk (e.g. WAF rules)?
What is the best practice to make the integration and test it? Should we raise a Splunk environment, and if so, which one, and does Splunk have any support for this process?
Additionally, I would like to understand whether we need to send data differently if the type of data is different. For example, let's assume I'm sending both vulnerabilities and anomalies; should I send both of them to the same place, or is there a different location for each one of them?
Thanks in advance,
Jonathan.