ActivIdentity 4TRESS AAA and Splunk | Integration Handbook
External Use | August 24, 2012 | © 2012 ActivIdentity
Table of Contents
List of Figures
1.0 Introduction
1.1 Scope of Document
1.2 Prerequisites
2.0 ActivIdentity 4TRESS AAA Data Export
2.1 Consolidate data
2.2 Schedule Consolidation from the Command Line
2.3 View and Export Authentication Logs
2.4 View and Export Audit Logs
3.0 Splunk installation
3.1 Prerequisites
3.2 Windows Installation
4.0 Splunk Configuration
4.1 Procedure 1: Install the App
4.2 Procedure 2: Index and Log Repositories
4.3 Procedure 3: Create Indexes
4.4 Procedure 4: Assign Index Rights
4.5 Procedure 5: Specify Data Inputs
4.6 Procedure 6: Restart Splunk
5.0 Splunk for ActivIdentity AAA: Overview
5.1 View Authentication Dashboard and Reports
5.2 View Authentication Logs
5.3 View Audit Dashboard and Reports
5.4 View Audit Logs