Meet us at GISEC | RSA Conferences to explore our solutions. Know More
 +1 978 658 9387    Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×
  • IAM
  • SIEM Integration

SIEM Integration

miniOrange OnPremise Identity Server allows you to send logs and events to any Security Information and Event Management (SIEM) Tool like Splunk. This section describes an approach by modifying your log4j2.xml file.

Prerequisites

We recommend changing the log level to error-level messages. When log levels are down to a minimum, the server generates large amounts of information in an active production environment. As an alternative, you can set the log level to ERROR and higher so that only important logs are logged. This ensures only important information is sent over to your SIEM tool.

You can even set up a specific log to log only ERROR and higher by modifying the log4j2.xml file.

Configuration Steps

  • Add an appender. The easiest way is to copy the one below.
    • Appender section for On-premise IDP

  • Paste the appender in the appenders section as shown below. Make sure to replace <ip-address> with your SIEM IP Address.
    • SIAM IP Address

  • Restart the server.

Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products

Single Sign-On

Seamless login for workforce and customer identity to cloud or on-premise apps

Learn more

Multi-factor Authentication

Secure access for identities with an additional layer of authentication

Learn more

Adaptive Authentication

Block or grant user access based on IP, Device, Time & Location

Learn more

Lifecycle Management

Manage & automate user provisioning and deprovisioning to apps

Learn More