Symantec IGA

 View Only
  • 1.  Splunk collection documentation

    Posted Feb 04, 2020 02:57 PM

    My group is now supporting Identityminder, Siteminder, and Governanceminder in our company.     I need to get the logs collecting into Splunk, and our Splunk administrator doesn't seem to know what to do. 

    It could just be an easy syslog forward, or maybe a difficult SFTP agent setup.  I don't know, and he doesn't know where to start.  I can't find documentation anywhere on this Broadcom site about splunk, or about those three systems.   

    Can anyone help?



  • 2.  RE: Splunk collection documentation
    Best Answer

    Broadcom Employee
    Posted Feb 04, 2020 04:59 PM
    Hi John,

    If you are using the Virtual Appliance you can utilize the central log server and send the logs over to Splunk for further monitoring.   There is currently an idea for Splunk integration.  You can view the idea here: https://community.broadcom.com/participate/ideation-home/viewidea?IdeationKey=0443e115-4442-43b9-a2b4-fe8d72cdf678

    For Virtual Appliance monitoring please view the following link: https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-suite/14-3/virtual-appliance/monitoring-virtual-appliance.html

    Refer to the "Monitoring with Log Forwarding" section which briefly discusses Splunk. 

    I hope you find this information helpful. 

    Thank you,
    Nicole