Prerequisites for the BeyondTrust Privileged Remote Access Integration with Splunk
You must purchase this integration separately from both your BeyondTrust Privileged Remote Access and Privileged Identity solutions. For more information, contact BeyondTrust sales.
- BeyondTrust Privileged Remote Access: 15.x and newer
- Splunk on-premise: 6.3.0 and newer
The following network communication channels must be open for the integration to work properly:
|Outbound From||Inbound To||TCP Port #||Purpose|
|BeyondTrust Middleware Engine Server||Splunk Server||1514||Session event data is pushed as specially formatted syslog messages into Splunk|
|BeyondTrust Appliance||Splunk Server||514||Syslog event information from the appliance|
Prerequisite Installation and Configuration
The Splunk integration is a BeyondTrust Middleware Engine plugin. To install the BeyondTrust Middleware Engine, follow the instructions in the BeyondTrust Middleware Engine Configuration document.