Forum Discussion

3 months ago

How to set up Splunk with multiple IIQ SailPoint environments with Splunk TA configuration using: SailPoint Adaptive Response

I noticed that the Splunk documentation on this site says that this should support multiple environments (s) - looking at the code in the python scripts though it looks like it doesn't?

SailPoint IIQ version: 8.1p3 Splunk version: 8.0.9 TA version: 2.0.5

After reviewing the Splunk Plugin code (the Python code which Splunk uses to read data from SailPoint), I noticed the following bits of information:

Splunk/etc/apps/Splunk_TA_sailpoint is the plugin directory where the plugin derives its files. Splunk/etc/apps/Splunk_TA_sailpoint/bin/input_module_sailpoint_identityiq_auditevents.py – this is the file in question that caught my attention.

api

sailpoint

No RepliesBe the first to reply

Forum Discussion

How to set up Splunk with multiple IIQ SailPoint environments with Splunk TA configuration using: SailPoint Adaptive Response

Related Content

How to set up Splunk with multiple IIQ SailPoint environments with Splunk

BGP Neighbor Monitoring in Multi-VRF environment

Provisioning LDAP Application in Sailpoint IIQ

Is there a way to configure an Alert Rule to only match websites OR resources?

How do I configure an alert, for a specific Instance name?

Recent Discussions

Checkpoint IPsec Tunnel Monitoring.

New VMware modules dropped

LogicMonitor - Mulesoft Integration(##EXTERNALTICKETID##)

SDTing via API, one source work the other does not

Customizing Alert Message for Integrations - Question.