OTHER SECURE ACCESS CASE STUDY
Secure Access Platform Integration (Add-on and App) with Splunk
Customer
The customer is a leading provider of secure access solutions to both enterprises and service providers.
Requirement
The customer requested the development of a Splunk Add-on to integrate Splunk Alerts with its PPS platform.
Technology Solution
Sacumen built a Splunk TA (Technical Add-On) that retrieves Splunk alert data and feeds it into the PulseSecure PPS (Pulse Policy Secure) platform.
The Add-on was developed in Python using an Alert Action Handler.
The Add-on has configuration parameters defined on the Alerts screen, such as PulseSecure's REST API URL, API Token, and other required configuration parameters.
When the output of the search query defined in the Alerts configuration matches, the Splunk Alert Trigger passes the alert data to the Alert Action defined in the Add-on.
The Alert Action Handler parses the alert data and retrieves the alert event records (based on a CIM fields filter only).
The Add-on supports Splunk version 7.x a
The Add-on supported a retry mechanism.
The Add-on supported CIM 4.x.
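The flow described above (parse the alert payload, keep only CIM fields, forward with retries) can be sketched as follows. This is an added example, not Sacumen's or PulseSecure's code. It assumes the JSON payload Splunk passes to a custom alert action on stdin (`configuration`, `results_file`); the `api_url` and `api_token` parameter names, the CIM field list, and the `send` callable that stands in for the PPS REST call are hypothetical.

```python
import csv, gzip, json, time

# Assumed subset of CIM field names; the page does not list the filter.
CIM_FIELDS = ("src", "dest", "user", "signature", "severity")

def parse_payload(raw):
    """Parse the JSON payload Splunk writes to a custom alert action's stdin."""
    payload = json.loads(raw)
    return payload.get("configuration", {}), payload.get("results_file")

def read_events(fileobj):
    """Yield rows from the gzip-compressed results CSV, keeping CIM fields only."""
    with gzip.open(fileobj, "rt", newline="") as fh:
        for row in csv.DictReader(fh):
            event = {k: row[k] for k in CIM_FIELDS if row.get(k)}
            if event:  # skip rows that carry no CIM fields at all
                yield event

def send_with_retry(send, event, attempts=3, base_delay=1.0, sleep=time.sleep):
    """Call send(event), retrying network errors with exponential backoff."""
    for attempt in range(1, attempts + 1):
        try:
            return send(event)
        except OSError:  # URLError, ConnectionError and timeouts derive from OSError
            if attempt == attempts:
                raise
            sleep(base_delay * 2 ** (attempt - 1))

def handle_alert(raw_payload, open_results, send, sleep=time.sleep):
    """Forward the CIM-filtered events of one triggered alert; return the count sent.

    open_results(path) returns a binary file object for results_file, and
    send(config, event) is a hypothetical stand-in for the PPS REST call.
    """
    config, results_file = parse_payload(raw_payload)
    # api_url and api_token are hypothetical names for the Alerts-screen parameters.
    if not config.get("api_url", "").startswith("https://"):
        raise ValueError("api_url must be https so the token is not sent in clear text")
    if not config.get("api_token"):
        raise ValueError("api_token is not configured")
    sent = 0
    for event in read_events(open_results(results_file)):
        send_with_retry(lambda e: send(config, e), event, sleep=sleep)
        sent += 1
    return sent
```

In a deployed alert action, `raw_payload` would be `sys.stdin.read()` and `open_results` would be `lambda p: open(p, "rb")`.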