Splunk Integration Install for Censys Attack Surface Management
Overview
Use the Censys Attack Surface Management (ASM) for Splunk integration to visualize Logbook API and Risks API data on a customizable dashboard and quickly discover changes in your attack surface.
Censys also provides reports based on Attack Surface Management data, which can be used for alerting and creating dashboards in Splunk. Workflow actions provide a seamless transition between Splunk Search and Censys ASM.
To use Splunk with Censys ASM, you must install both the Censys Add-on for Splunk and the Splunk for Censys Attack Surface Management app.
After configuring the integration, see Splunk: Using the Attack Surface Management Integration for instructions on using the integration.
How to download and configure Splunk for Censys ASM
Prerequisites
You will need:
- Your Censys ASM platform API key
- To find your API key, log in to Censys ASM and click Integrations at the top of the page.
- An active Splunk account
Step 1: Install the Splunk Add-On
- While logged in to Splunk, click +Find More Apps in the left sidebar.
- Type "Censys" into the search bar and locate the Censys Add-on for Splunk. Click Install.
- Re-enter your login credentials to confirm.
It is also possible to download and install the Censys Add-on for Splunk directly from Splunkbase.
Step 2: Configure the Splunk Add-on
Note: If you are using the same Censys workspace for multiple Splunk destinations, you only need to configure one Add-on.
- While logged in to Splunk, click Configuration at the top of the page.
- Click the Accounts tab. On the right side, click Add.
- Enter an Account Name and paste in your Censys ASM platform API key.
- We recommend using the name of your ASM workspace for your account name.
- Click Add.
- Return to the Configuration page in Splunk, and click the Inputs tab.
- Click Create New Input. Configure the following fields:
- Input Name: Enter a name for the logbook input.
- Interval: Enter an interval, in seconds, for how frequently data will be fetched from Censys ASM.
- Index: Enter the index where the data is stored.
- Account: Indicate which Censys account to use.
- Click Add.
Step 3: Install Splunk for Censys ASM
- While logged in to Splunk, click +Find More Apps in the left sidebar.
- Type "Censys" into the search bar and locate the Censys ASM for Splunk. Click Install.
- Re-enter your login credentials to confirm.
It is also possible to download and install the Censys ASM for Splunk app directly from Splunkbase.
Comments
0 comments
Article is closed for comments.