Views:

Set up the Cyber Risk Exposure Management for Splunk integration to allow Splunk to share website access logs and provide insights to TrendAI Vision One™.

Procedure

  1. In the TrendAI Vision One™ console, obtain the authentication token.
    1. In TrendAI Vision One™, go to Workflow and AutomationThird-Party Integrations.
    2. Locate and click the Cyber Risk Exposure Management for Splunk card.
    3. Click ServiceGatewayCopyIcon=GUID-EE08C798-0F99-467B-996A-93D14044BF0E.png to copy the Authentication token.
  2. Download and install the TrendAI™ Cyber Risk Exposure Management for Splunk app from Splunkbase.
    1. Go to Splunk and select Splunkbase from the Resources drop-down.
    2. Search for and download the TrendAI™ Cyber Risk Exposure Management for Splunk app from Splunkbase.
    3. Install the TrendAI™ Cyber Risk Exposure Management for Splunk app.
  3. Use the authentication token to configure the integration in the Splunk console.
    Note
    Note
    For more information, see Splunkbase - TrendAI™ Cyber Risk Exposure Management for Splunk.
    1. In the Splunk console, go to AppsTrendAI™ Cyber Risk Exposure Management for Splunk.
    2. Go to Configuration.
    3. In the User Account section, specify your account name and contact email address.
    4. In the TrendAI Vision One™ Integration section, enable TrendAI Vision One™ integration and paste in the Authentication token copied from the TrendAI Vision One™ console.
    5. Click Save.
      Splunk begins collecting and analyze XDR data from TrendAI Vision One™. Splunk can only collect XDR data generated after connecting to TrendAI Vision One™. You might need to allow some time before new XDR data starts to appear.