Splunk Capabilities
Last updated: October 8, 2024
After this article...
You'll understand the capabilities our Splunk integration provides, and how Lumos interacts with the Splunk API.
Post SIEM logs
Events that happen in Lumos are posted to the Splunk collector that you configured: see Connecting Splunk.
More details on the event logging format and the types of events we send can be found here: How Lumos Logs to Your SIEM.
Splunk API endpoint: https://docs.splunk.com/Documentation/Splunk/9.2.1/RESTREF/RESTinput#services.2Fcollector.2Fevent (we transmit events via the services/collector/event endpoint)
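The following is an added example, not Lumos's or Splunk's own code: it builds the kind of request the services/collector/event endpoint accepts (token in an "Authorization: Splunk" header, events as back-to-back JSON objects) and splits a batch back into envelopes, which helps when checking what arrives at your collector. The host, token, sourcetype and event fields are constructed placeholders, not Lumos's actual event schema.

```python
import json
from urllib.request import Request

HEC_PATH = "/services/collector/event"  # endpoint named on this page

def build_hec_request(base_url, token, events, sourcetype="lumos:example"):
    """Build (but do not send) one HEC POST carrying a batch of events."""
    # HEC batches are JSON objects written back to back: no array, no commas.
    body = "".join(
        json.dumps({"time": e["time"], "sourcetype": sourcetype, "event": e["event"]})
        for e in events
    ).encode("utf-8")
    return Request(
        base_url.rstrip("/") + HEC_PATH,
        data=body,
        headers={"Authorization": "Splunk " + token},  # HEC token scheme
        method="POST",
    )

def split_hec_batch(body):
    """Split a stacked-JSON HEC body back into envelopes, as a collector would."""
    decoder, out, pos = json.JSONDecoder(), [], 0
    text = body.decode("utf-8").strip()
    while pos < len(text):
        obj, pos = decoder.raw_decode(text, pos)
        if "event" not in obj:
            raise ValueError("HEC envelope is missing the 'event' key")
        out.append(obj)
        while pos < len(text) and text[pos].isspace():  # tolerate separators
            pos += 1
    return out

# Constructed sample events; field names are placeholders, not Lumos's schema.
SAMPLE_EVENTS = [
    {"time": 1728345600, "event": {"action": "example.granted", "actor": "alice@example.com"}},
    {"time": 1728345660, "event": {"action": "example.revoked", "actor": "bob@example.com"}},
]

def demo():
    # Placeholder host and all-zero token (assumptions for illustration only).
    req = build_hec_request("https://splunk.example.com:8088/",
                            "00000000-0000-0000-0000-000000000000", SAMPLE_EVENTS)
    return req, split_hec_batch(req.data)

if __name__ == "__main__":
    req, envelopes = demo()
    print(req.get_method(), req.full_url)
    for env in envelopes:
        print(env["time"], env["sourcetype"], env["event"]["action"])
```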