Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

SIEM Integration


miniOrange OnPremise Identity Server allows you to send logs and events to any Security Information and Event Management (SIEM) Tool like Splunk. This section describes an approach by modifying your log4j2.xml file.

Prerequisites

We recommend changing the log level to error-level messages. When log levels are down to a minimum, the server generates large amounts of information in an active production environment. As an alternative, you can set the log level to ERROR and higher so that only important logs are logged. This ensures only important information is sent over to your SIEM tool.

You can even set up a specific log to log only ERROR and higher by modifying the log4j2.xml file.

Configuration Steps

  • Add an appender. The easiest way is to copy the one below.
  • Appender section for On-premise IDP

  • Paste the appender in the appenders section as shown below. Make sure to replace <ip-address> with your SIEM IP Address.
  • SIAM IP Address

  • Restart the server.

Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products