Splunk integration

  • Great plugin! Thank you so much.

    We’re trying to integrate with Splunk, as per your instructions here.

    All we’re showing are the alert_id. How can we get the actual alert descriptions to show?

    Thanks again!

    Steve

Viewing 1 replies (of 1 total)
  • Plugin Author WPWhiteSecurity

    (@wpwhitesecurity)

    Hello Steve,

    Thank you for your positive feedback.

    That documentation is quite old and needs to be updated, sorry for that. Though the concept still applies, so I am sure you can work it out.

    Since then we’ve changed the tables’ structure and the ways the audit trail is stored in the database. Please refer to the WP Security Audit Log database documentation here.

    So basically in the database only the Alert ID and the metadata for that alert (such as post name, author, IP address) are kept in the database. The text of the alert is populated on the fly from the file defaults.php, which can be found in the root directory of the plugin.

    While I trust the above helps you setting up the integration, please do not hesitate to get in touch via email on [email protected] should you require further assistance.

Viewing 1 replies (of 1 total)
  • The topic ‘Splunk integration’ is closed to new replies.