Forum Discussion

10 months ago

How to set up Splunk with multiple IIQ SailPoint environments with Splunk TA configuration using: SailPoint Adaptive Response

I noticed that the Splunk documentation on this site says that this should support multiple environments (s) - looking at the code in the python scripts though it looks like it doesn't?

SailPoint IIQ version: 8.1p3 Splunk version: 8.0.9 TA version: 2.0.5

After reviewing the Splunk Plugin code (the Python code which Splunk uses to read data from SailPoint), I noticed the following bits of information:

Splunk/etc/apps/Splunk_TA_sailpoint is the plugin directory where the plugin derives its files. Splunk/etc/apps/Splunk_TA_sailpoint/bin/input_module_sailpoint_identityiq_auditevents.py – this is the file in question that caught my attention.

api

sailpoint

No RepliesBe the first to reply

Forum Discussion

How to set up Splunk with multiple IIQ SailPoint environments with Splunk TA configuration using: SailPoint Adaptive Response

Related Content

Datapoints configuration Discussion

How to set up Splunk with multiple IIQ SailPoint environments with Splunk

BGP Neighbor Monitoring in Multi-VRF environment

Provisioning LDAP Application in Sailpoint IIQ

How do I configure an alert, for a specific Instance name?

Recent Discussions

Any way to change the severity of an alert based on duration?

Python script to run API call - AddWebsite - Need help with collectors

How do you handle Disk Space alerting?

REST Query no results

Webhook Event Collection & Cisco Meraki