Splunk Integration in SureMDM Web Console
To integrate Splunk with SureMDM Web, follow these steps:
1. Navigate to SureMDM Web Console > Settings (icon located at the top right of the screen) > Account Settings > SIEM Integration.
2. Configure the following required settings and click Save.
| Settings | Description |
| --- | --- |
| Enable SIEM Integration | Allows configuring SIEM settings. |
| Select Server | Select the SIEM tool as Splunk from the dropdown menu. |
| HEC Token | Enter the token copied from Step no. 11 of Splunk Configuration. |
| Host URL | Enter the URL copied from Step no. 11 of Splunk Configuration. |
| Source Type, Source (optional) | Enter the details. For example: Source Type: UEMLogs, Source: 42Gears |
42Gears UEM is now integrated with Splunk. The system activity logs and device logs recorded in SureMDM Web Console are updated automatically in Splunk every 24 hours.
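Because logs only reach Splunk every 24 hours, a mistyped HEC Token or Host URL can go unnoticed for a day. The following pre-flight check is an added example, not part of the 42Gears documentation: it validates the two values and builds a test event for Splunk's standard HEC endpoint using the example Source Type and Source from the table. The function names, the `splunk.example.com` URL and the all-zero token are constructed placeholders, and appending `/services/collector/event` to the host and port of the Host URL is an assumption.

```python
import json
import re
import urllib.request
from urllib.parse import urlsplit

# Splunk-generated HEC tokens are GUIDs (8-4-4-4-12 hex digits).
GUID_RE = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
HEC_EVENT_PATH = "/services/collector/event"  # standard Splunk HEC JSON event endpoint


def check_settings(host_url, token):
    """Return a list of problems with the two values; an empty list means they look sane."""
    problems = []
    parts = urlsplit(host_url.strip())
    if parts.scheme != "https":
        problems.append("Host URL is not https: the HEC token would cross the network in clear text")
    if not parts.hostname:
        problems.append("Host URL has no host name")
    if not GUID_RE.match(token.strip()):
        problems.append("HEC token is not a GUID (truncated paste or stray characters?)")
    return problems


def build_test_event(host_url, token, sourcetype="UEMLogs", source="42Gears"):
    """Build (but do not send) a one-event HEC request using the page's example source values."""
    parts = urlsplit(host_url.strip())
    # Assumption: only scheme://host:port is kept and the event endpoint is appended.
    url = f"{parts.scheme}://{parts.netloc}{HEC_EVENT_PATH}"
    body = {"event": {"message": "SIEM integration pre-flight test"},
            "sourcetype": sourcetype, "source": source}
    return urllib.request.Request(
        url,
        data=json.dumps(body).encode("utf-8"),
        headers={"Authorization": f"Splunk {token.strip()}",
                 "Content-Type": "application/json"},
        method="POST",
    )


def send(request, timeout=10):
    """POST the event; Splunk answers {"text": "Success", "code": 0} when the token is accepted."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed placeholder values, not real credentials.
    url, tok = "https://splunk.example.com:8088", "00000000-0000-0000-0000-000000000000"
    print(check_settings(url, tok) or "settings look sane")
    print(build_test_event(url, tok).full_url)
```

Call `send(build_test_event(url, token))` from a host that can reach the Splunk instance, then search Splunk for `sourcetype=UEMLogs` to confirm the event was indexed.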