About the Splunk Add-on for CyberArk¶
| Component | Description |
|---|---|
| Version | 1.2.0 |
| Vendor Products | Privileged Threat Analytics (PTA) 12.2, Enterprise Password Vault (EPV) 12.2 |
The Splunk Add-on for CyberArk allows a Splunk software administrator to pull system logs and traffic statistics from Privileged Threat Analytics (PTA) 12.2 and Enterprise Password Vault (EPV) 12.2 using syslog in Common Event Format (CEF). This add-on extracts CyberArk real-time privileged account activities (such as individual user activity when using shared accounts) into the Splunk platform and Splunk Enterprise Security, providing a single place to analyze unusual account activity.
Release notes¶
For a summary of new features, fixed issues, and known issues, and for more information on release history, see Release notes for the Splunk Add-on for CyberArk.
Compatibility¶
This add-on provides the inputs and Common Information Model (CIM)-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.
For detailed information about compatibility with other software, CIM versions, and platforms, see Release notes for the Splunk Add-on for CyberArk.
Source types and lookups¶
For more information about the source types for Splunk Add-on for CyberArk, see Source types.
Download the add-on¶
Download the Splunk Add-on for CyberArk from Splunkbase.
Install and configure the add-on¶
To install and configure the Splunk Add-on for CyberArk, see Installation and configuration overview for the Splunk Add-on for CyberArk.
Hardware and software requirements¶
For more information, see Hardware and software requirements.
Additional resources¶
See Troubleshooting guidelines specific for this add-on.