Prerequisites for the BeyondTrust Privileged Remote Access Integration with Splunk
You must purchase this integration separately from your BeyondTrust Privileged Remote Access solution. For more information, contact BeyondTrust sales.
- BeyondTrust Privileged Remote Access: 15.x and newer
- Splunk On-Premises or Cloud: 6.3.0 and newer
The following network communication channels must be open for the integration to work properly:
|Outbound From||Inbound To||TCP Port #||Purpose|
|BeyondTrust Middleware Engine Server||Splunk Server||1514||Session event data is pushed as specially formatted syslog messages into Splunk|
|BeyondTrust Appliance B Series||Splunk Server||514||Syslog event information from the B Series Appliance|
Prerequisite Installation and Configuration
The Splunk integration is a BeyondTrust Middleware Engine plugin. To install the BeyondTrust Middleware Engine, follow the instructions in the BeyondTrust Middleware Engine Configuration document.