Forum Discussion

3 months ago

How to set up Splunk with multiple IIQ SailPoint environments with Splunk

Observing the code in the Python scripts, it appears that Splunk does not support multiple environments (s), despite what the Splunk documentation on this website claims.

Version of SailPoint IIQ: 8.1p3 Version of Splunk: 8.0.9; Version of TA: 2.0.5

Upon examining the Python code known as the Splunk Plugin, which allows Splunk to read data from SailPoint, I discovered the following details:

The plugin directory is Splunk/etc/apps/Splunk_TA_sailpoint, from which the plugin gets its files. The file that drew my attention was Splunk/etc/apps/Splunk_TA_sailpoint/bin/input_module_sailpoint_identityiq_auditevents.py.

api

sailpoint

No RepliesBe the first to reply

Forum Discussion

How to set up Splunk with multiple IIQ SailPoint environments with Splunk

Related Content

How to set up Splunk with multiple IIQ SailPoint environments with Splunk TA configuration using: SailPoint Adaptive Response

BGP Neighbor Monitoring in Multi-VRF environment

Using Postman to create multiple Websites via API & CSV?

Redcentric gained flexible monitoring capabilities across multiple cloud environments.

Carrier reduces MTTR and gains visibility across multiple IT environments.

Recent Discussions

Checkpoint IPsec Tunnel Monitoring.

New VMware modules dropped

LogicMonitor - Mulesoft Integration(##EXTERNALTICKETID##)

SDTing via API, one source work the other does not

Customizing Alert Message for Integrations - Question.