Tech Docs Home > Endpoint Privilege Management >

Configure Splunk Enterprise to Receive Events

You need to configure Splunk Enterprise to receive events from either the Splunk Universal Forwarder or the Splunk DB Connect application.

For this installation, we assume:

Splunk Enterprise is installed
Appropriate access to the system is in place
You are familiar with the Splunk interface

To configure Splunk Enterprise to receive events:

Click Settings > Forwarding Receiving (under the Data menu).
Click Configure Receiving and then New to create an entry.
Enter 9997 in the Listen on this port field.
Click Save.

Splunk Enterprise is now configured to listen for events sent using any method.

BeyondTrust is the worldwide leader in intelligent identity and access security, enabling organizations to protect identities, stop threats, and deliver dynamic access. We offer the only platform with both intelligent identity threat detection and a privilege control plane that delivers zero-trust based least privilege to shrink your attack surface and eliminate security blind spots.

©2003-2024 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority. 4/12/2024

Top