and more in a single search tool across platforms. Read the announcement here. |
04/03/2024 05:47 AM
We have followed this below document to integrate the Saviynt to Sentinel to fetch all audit logs for Saviynt however analytics query mentioned the document is not fetching the PAM related audit data.
Saviynt SIEM Integration (saviyntcloud.com)
Can you please help to suggest single analytics that will fetch both Saviynt as well as PAM related logging data. From PAM side we need to capture complete details about privilege sessions, privilege requests and servers which were onboarded as endpoints.
04/04/2024 11:35 PM
Hello @Diwakar,
We are checking it internally, if it possible or not, we will confirm you shortly.
Thanks.
04/05/2024 08:33 AM
@Diwakar : For PAM related analytics please refer doc: CPAM-SIEM-Integration.htm
04/09/2024 04:51 AM
@sk I gone through the links however it didnt provided the query to how to fetch the audit data for PAM session requested, we need the audit data for PAM session requested by individual users like how we are getting for IGA for Saviynt SIEM integration Saviynt SIEM Integration (saviyntcloud.com)
Could you please help me with the similar analytics control to get all PAM sessions audit data?
Thanks,
Diwakar.
04/16/2024 02:16 AM
Hi Team,
Can you please provide an update on above query?
Thanks,
Diwakar
04/16/2024 07:36 AM
Hello @Diwakar,
There are 31 out of the box analytic controls for PAM and you can find the list by navigating to Admin -> Sav Roles -> ROLE_SAV_PAMOWNER and select "Analytics" tab. If you search here with name "session", you will be able to see 5 analytic controls (screenshot below). You can use these analytic controls as reference to create any other custom controls.
Thanks