Prerequisites for the BeyondTrust Remote Support Integration with Splunk
You must purchase this integration separately from both your BeyondTrust software and your Splunk solution. For more information, contact BeyondTrust sales.
- BeyondTrust Remote Support: 14.x and newer
- Splunk on-premise: 6.3.0 and newer
The following network communication channels must be open for the integration to work properly:
|Outbound From||Inbound To||TCP Port #||Purpose|
|BeyondTrust Middleware Engine Server||Splunk Server||1514||Session event data is pushed as specially formatted syslog messages into Splunk|
|Secure Remote Access Appliance||Splunk Server||514||Syslog event information from the appliance|
Prerequisite Installation and Configuration
The Splunk integration is a BeyondTrust Middleware Engine plugin. To install the BeyondTrust Middleware Engine, follow the instructions in the BeyondTrust Middleware Engine Configuration document.