Select the tab
ESET Connect – Table of Contents

Splunk Cloud

How to enable the integration

Ensure you meet the prerequisites, then follow the installation and configuration steps.

Prerequisites

You have created the dedicated API user account.

You have created the splunk.com account and have access to Splunk Cloud.

You have administrator rights in Splunk Cloud.

Installation steps

1.Log in to Splunk Cloud.

2.Navigate to Apps > Manage apps and click Browse more apps.

3.Type ESET into the search bar and click Search.

4.On the ESET PROTECT Platform integration app tile, click Install.

5.Log in to the splunk.com account if prompted and agree to the terms and conditions to proceed.

6.After installation, the system shows a message about successful app installation, and you can proceed with configuring the app.

Configuration steps

1.Click Open the app.

2.Navigate to the Setup page and provide the following details:

Username—The API user's email

Password—The API user's password

Choose a region—The location of your ESET PROTECT/ESET Inspect server; the options are: CA, DE, EU, JPN, US.

Use Eset Protect—The ESET application that Splunk uses to pull detections; the options are Yes/No. Set Yes if you have an ESET PROTECT subscription.

Use Eset Inspect—The ESET application that Splunk uses to pull detections; the options are Yes/No. Set Yes if you have an ESET Inspect subscription.

3.Click Save. You can now use the integration app.