Configure Splunk Connector 


A Security Information and Event Management (SIEM) system monitors and analyzes network and hardware activity inside the enterprise environment. SureMDM integrates with the SIEM tool Splunk to transfer system activity logs and device activity logs.

To configure SplunkConnector, follow these steps:

1.  Double-click the SplunkConnector executable file given in the mars link.

2.  Click Next.

3.  Select Everyone and click Next.

4.  Click Next > Close.

5.  Navigate to C: drive > 42Gears folder > SplunkConnector folder. 

6.  Open the Splunk config file and change the keys as given below:

<add key="MainDBConnectionString" value="xxxxx" />

 Example: <add key="MainDBConnectionString" value="Driver={ODBC Driver 17 for SQL Server};Server=LOCALHOST\SQLEXPRESS;Database=suremdmdb;Uid=sa;Pwd=xxxxxx;" />

Note: Set values such as ODBC Driver, Server, Uid and Pwd according to your configuration.

<add key="MongoDBURI" value="xxxxxxx" />

<add key="MongoDBName" value="suremdmdb" />

<add key="Region" value="US" />

Note:

    1. MainDBConnectionString is the SQL connection string.

    2. MongoDBURI is the MongoDB connection string.

7.  Restart the SplunkConnector service from Task Manager.
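
A check to run after editing the keys in step 6 and before the restart in step 7, added here as an example (it is not 42Gears code): it confirms the four keys are set, that no xxxxx placeholder remains, and that the file holding the database password is not open to broad groups. The wrapper elements in the sample and the config file name are assumptions, since the page does not give them.

```powershell
# Added example, not vendor code. Content checks take XML text; the ACL check needs the file path.
function Get-ConfigFindings {
    param([Parameter(Mandatory)][string]$XmlText)
    $settings = @{}
    foreach ($node in ([xml]$XmlText).SelectNodes('//add[@key]')) {
        $settings[$node.GetAttribute('key')] = $node.GetAttribute('value')
    }
    # The four keys the page tells you to set; "xxxxx" is the page's placeholder.
    foreach ($key in 'MainDBConnectionString', 'MongoDBURI', 'MongoDBName', 'Region') {
        if ([string]::IsNullOrWhiteSpace($settings[$key])) { "$key is missing or empty" }
        elseif ($settings[$key] -match '^x+$') { "$key still holds the placeholder value" }
    }
    # Split the ODBC-style string into name=value pairs (simple split, no ';' inside values).
    $conn = @{}
    foreach ($part in ("$($settings['MainDBConnectionString'])" -split ';')) {
        if ($part -match '^\s*([^=]+?)\s*=\s*(.*)$') { $conn[$Matches[1]] = $Matches[2] }
    }
    foreach ($name in 'Driver', 'Server', 'Database', 'Uid', 'Pwd') {
        if (-not $conn[$name]) { "MainDBConnectionString has no $name" }
    }
    if ($conn['Pwd'] -match '^x+$') { 'Pwd is still the placeholder value' }
    if ($conn['Uid'] -eq 'sa') { 'Uid is sa (SQL Server sysadmin); use a dedicated least-privilege login' }
}

function Get-ConfigAclFindings {
    param([Parameter(Mandatory)][string]$Path)
    # ASSUMPTION: English account names; localized Windows builds name these groups differently.
    $broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'
    foreach ($ace in (Get-Acl -LiteralPath $Path).Access) {
        if ($ace.AccessControlType -eq 'Allow' -and $broad -contains $ace.IdentityReference.Value) {
            "$($ace.IdentityReference) has $($ace.FileSystemRights) on a file holding database credentials"
        }
    }
}

# Constructed sample modelled on the page's example lines (wrapper elements are assumed).
$sample = @'
<configuration><appSettings>
  <add key="MainDBConnectionString" value="Driver={ODBC Driver 17 for SQL Server};Server=LOCALHOST\SQLEXPRESS;Database=suremdmdb;Uid=sa;Pwd=xxxxxx;" />
  <add key="MongoDBURI" value="xxxxxxx" />
  <add key="MongoDBName" value="suremdmdb" />
  <add key="Region" value="US" />
</appSettings></configuration>
'@
Get-ConfigFindings -XmlText $sample | ForEach-Object { Write-Warning $_ }
# Against the installed file (replace the placeholder file name):
# $path = 'C:\42Gears\SplunkConnector\<config-file-name>'
# Get-ConfigFindings -XmlText (Get-Content -LiteralPath $path -Raw)
# Get-ConfigAclFindings -Path $path
```

On the constructed sample this warns about the MongoDBURI placeholder, the placeholder Pwd and the sa login; an empty result from both functions means the file is ready for the service restart.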