
Configure Splunk Connector

A Security Information and Event Management (SIEM) system monitors and analyzes network and hardware activity inside the enterprise environment. SureMDM integrates with the SIEM tool Splunk to transfer system activity logs and device activity logs.

To configure SplunkConnector, follow these steps:

1.  Double-click the SplunkConnector executable file given in the mars link.

2.  Click Next. 


3.  Select Everyone and click Next.


4.  Click Next > Close. 

5.  Navigate to C: drive > 42Gears folder > SplunkConnector folder. 

6.  Open the config file Splunk and change the keys as given below:

<add key="MainDBConnectionString" value="xxxxx" />

 Example: <add key="MainDBConnectionString" value="Driver={ODBC Driver 17 for SQL Server};Server=LOCALHOST\\SQLEXPRESS;Database=suremdmdb;Uid=sa;Pwd=xxxxxx;" />

Note: The values such as ODBC Driver, Server, Uid and Pwd should be given based on your configuration.

<add key="MongoDBURI" value="xxxxxxx" />
<add key="MongoDBName" value="suremdmdb" />
<add key="Region" value="US" />

Note:

1. MainDBConnectionString is the SQL connection string.
2. MongoDBURI is the MongoDB connection string.

7.  Restart the SplunkConnector service from Task Manager.
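
The edited file holds database credentials in clear text, so it is worth checking once the steps above are done. The PowerShell script below is an added example, not part of SureMDM or of the original page: it assumes the config file is XML built from the <add key="..." value="..." /> elements shown in step 6 (no XML namespace), and the -ConfigPath parameter is a hypothetical name for the full path to that file, supplied by the caller.

```powershell
# Added example (not SureMDM code). Assumption: the config file is XML made of
# <add key="..." value="..." /> elements; pass its full path as -ConfigPath.
param(
    [Parameter(Mandatory = $true)][string]$ConfigPath
)

$required = 'MainDBConnectionString', 'MongoDBURI', 'MongoDBName', 'Region'
$findings = @()

# Collect every <add key= value=> element, whatever its parent section is.
[xml]$doc = Get-Content -LiteralPath $ConfigPath -Raw
$settings = @{}
foreach ($node in $doc.SelectNodes('//add[@key]')) {
    $settings[$node.GetAttribute('key')] = $node.GetAttribute('value')
}

foreach ($key in $required) {
    if (-not $settings.ContainsKey($key)) {
        $findings += "Missing key: $key"
    } elseif ($settings[$key] -match '^\s*$|^x+$') {
        $findings += "Empty or placeholder value for key: $key"
    }
}

# Split the ODBC-style connection string into name=value pairs.
$conn = @{}
foreach ($pair in ("$($settings['MainDBConnectionString'])" -split ';')) {
    if ($pair -match '^\s*([^=]+?)\s*=\s*(.*)$') {
        $conn[$Matches[1].ToLower()] = $Matches[2].Trim()
    }
}
if ($conn['uid'] -eq 'sa') {
    $findings += 'Uid is the sa login; use a dedicated least-privilege SQL login.'
}
if ($conn['pwd'] -match '^x+$') {
    $findings += 'Pwd still holds the placeholder from the example.'
}

# The file stores database credentials in clear text, so flag broad ACL entries.
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'
foreach ($ace in (Get-Acl -LiteralPath $ConfigPath).Access) {
    $who = $ace.IdentityReference.Value
    if ($ace.AccessControlType -eq 'Allow' -and $broad -contains $who) {
        $findings += "ACL grants $($ace.FileSystemRights) to $who"
    }
}
$findings | ForEach-Object { Write-Warning $_ }
if (-not $findings) { Write-Output 'No findings.' }
```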