Splunk integration
  • 08 Sep 2023
  • 1 Minute to read
  • PDF

Splunk integration

  • PDF

Article Summary

Splunk SIEM works as a security intelligence hub, designed to give you full visibility into your organization's security posture. It goes beyond traditional security solutions by providing real-time monitoring, detection, and response to threats across your entire IT environment. Splunk SIEM helps in early detection, rapid response and collaboration which are needed to mitigate today's advanced threats. 

The Splunk HTTP Event Collector (HEC) can be used to view alert notifications from Traceable in Splunk. Splunk HEC lets you send data and application events to a Splunk deployment over the HTTP and Secure HTTP (HTTPS) protocols. This helps consolidate alert notifications from Traceable into Splunk so that your operations team can review and act on the alerts. Traceable threat activity and events for different detections like Broken Object level Authorization, Broken Functional level Authorization, SQL Injection, Remote Code execution, and so on can be automatically sent to Splunk for further analysis.

Before you begin

Make a note of the following points before proceeding with integration:


To integrate Splunk SIEM with Traceable, login to your Traceable account and navigate to Integrations SIEM/SOARSplunk

Provide the Splunk HTTP Event Collector URL and the Splunk API token. Traceable validates the URL and the API token. If the validation succeeds, the Save button is enabled.

Was this article helpful?