Prerequisites for the BeyondTrustRemote Support Integration with Splunk

 

You must purchase this integration separately from both your Remote Support software and your Splunk solution. For more information, contact BeyondTrust sales.

Applicable Versions

  • BeyondTrustRemote Support: 14.x and newer
  • Splunk on-premise: 6.3.0 and newer

Network Considerations

The following network communication channels must be open for the integration to work properly:

Outbound From Inbound To TCP Port # Purpose
BeyondTrust Middleware Engine Server Splunk Server 1514 Session event data is pushed as specially formatted syslog messages into Splunk
Secure Remote Access Appliance Splunk Server 514 Syslog event information from the appliance

Prerequisite Installation and Configuration

The Splunk integration is a BeyondTrust Middleware Engine plugin.

For more information on installing and working with the BeyondTrust Middleware Engine, please see the
BeyondTrust Remote Support Middleware Engine Installation and Configuration document
.