Avanan offers an App for Splunk, publicly available in SplunkBase.
Avanan Splunk App pulls security events from Avanan to Splunk. The App allows our customers to consume Avanan security events on the same Splunk platform as other security solutions.
The App supports both Splunk Enterprise and Cloud.
Integrate Avanan Splunk App
- Go to "Security Engines" page and select the "Send security events to Splunk" engine under "SIEM Integration".
Make sure to select "Upload to the Avanan Splunk App" in the configuration.
- Go to SplunkBase and deploy the Avanan Splunk App: https://splunkbase.splunk.com/app/4880
- Install the App.
- Enter the app Set Up.
- Enter Client ID and Client Secret.
To obtain Client ID and Secret contact Avanan Support.