Prerequisites for the BeyondTrust Remote Support Integration with Splunk
You must purchase this integration separately from both your Remote Support software and your Splunk solution. For more information, contact BeyondTrust sales.
- BeyondTrust Remote Support: 14.x and newer
- Splunk On-Premises and Cloud: 6.3.0 and newer
The following network communication channels must be open for the integration to work properly:
|Outbound From||Inbound To||TCP Port #||Purpose|
|BeyondTrust Middleware Engine Server||Splunk Server||1514||Session event data is pushed as specially formatted syslog messages into Splunk|
|Secure Remote Access Appliance||Splunk Server||514||Syslog event information from the appliance|
Prerequisite Installation and Configuration
The Splunk integration is a BeyondTrust Middleware Engine plugin.
For more information on installing and working with the BeyondTrust Middleware Engine, please see the
BeyondTrust Remote Support Middleware Engine Installation and Configuration document