Configure BeyondTrust Privileged Remote Access for Integration with Splunk

 

You must purchase this integration separately from your BeyondTrust Privileged Remote Access solution. For more information, contact BeyondTrust sales.

In addition to the steps outlined in the BeyondTrust SIEM Tool Plugin Installation and Administration, the Splunk integration also supports consumption of syslog output directly from the B Series Appliance.

All of the steps in this section take place in the BeyondTrust /appliance administrative interface.

  1. Access your BeyondTrust interface by going to the hostname of your B Series Appliance followed by /appliance, for example: https://access.example.com/appliance.
  2. Go to /appliance >Security > Appliance Administration and locate the Syslog section.
  3. Enter the hostname or IP address for your remote syslog server.
  4. Select a message format.
  5. Click Submit.