Prerequisites for the BeyondTrustRemote Support Integration with Splunk
You must purchase this integration separately from both your Remote Support software and your Splunk solution. For more information, contact BeyondTrust sales.
- BeyondTrustRemote Support: 14.x and newer
- Splunk on-premise: 6.3.0 and newer
The following network communication channels must be open for the integration to work properly:
|Outbound From||Inbound To||TCP Port #||Purpose|
|BeyondTrust Middleware Engine Server||Splunk Server||1514||Session event data is pushed as specially formatted syslog messages into Splunk|
|Secure Remote Access Appliance||Splunk Server||514||Syslog event information from the appliance|
Prerequisite Installation and Configuration
The Splunk integration is a BeyondTrust Middleware Engine plugin.
For more information on installing and working with the BeyondTrust Middleware Engine, please see the
BeyondTrust Remote Support Middleware Engine Installation and Configuration document