Customer is a leading provider of secure access solutions to both enterprises and service providers.

Customer requested the development of Splunk Add-on to integrate Splunk Alerts with its PPS platform.

Technology Solution

  • Sacumen built Splunk TA(Technical Add-On) that retrieves the Splunk’s Alerts data and feed into the PulseSecure PPS (Pulse Policy Secure) platform.
  • The Add-on was developed in Python using Alert Action Handler
  • Add-On has configuration parameters defined on the Alerts screen such as PulseSecure’s REST API URL, API Token, and other required configuration parameters
  • Splunk Alert Trigger passes the Alerts data to the Alert action defined in Add-on, on match of search query output defined as part of Alerts configuration
  • Alert Action handler parses the Alerts data, retrieves the Alerts events record (based on CIM fields filter only).
  • The Add-on supports Splunk version 7.x a
  • Add-on supported Retry mechanism
  • Add-on supported CIM 4.x

Customer Support

Send us a message

Get in Touch

Select Job Role (required)