About the Splunk Add-on for CyberArk EPM¶
| Component | Description |
|---|---|
| Version | 3.1.0 |
| Vendor Products | CyberArk Endpoint Privilege Manager v21.1, v23.3.0, v24.5.0, v25.6.1 |
The Splunk Add-on for CyberArk EPM allows a Splunk software administrator to pull raw and aggregated events of Inbox Events, Policy Audit Events, Admin Audit Logs and can also collect logs related to policies, computers, and computer groups using the cloud administration APIs of CyberArk EPM. Inbox Events are comprised of events related to Application Events and Threat Detection events.
Release notes¶
For a summary of new features, fixed issues, and known issues, and for more information on release history, see Release notes for the Splunk Add-on for CyberArk EPM.
Compatibility¶
This add-on provides modular inputs and CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.
This add-on is only Python3 compatible.
Source types and lookups¶
For more information about the source types for Splunk Add-on for CyberArk EPM, see Source types.
Download the add-on¶
Download the Splunk Add-on for CyberArk EPM from Splunkbase.
Install and configure the add-on¶
To install and configure the Splunk Add-on for CyberArk EPM, see Installation and configuration overview for the Splunk Add-on for CyberArk EPM.
Hardware and software requirements¶
For more information, see Hardware and software requirements.
Additional resources¶
See Troubleshooting guidelines specific for this add-on.