The Bitwarden Blog

Using Splunk with Bitwarden Password Manager

RL
dont l'auteur est:Ryan Luibrand
affichée:
Link Copied!

Bitwarden integrates with Splunk Enterprise for event and security logging

Bitwarden recently released an official integration app for Splunk Enterprise on-premise installations, available on the Splunkbase. The integration app for Bitwarden enterprise customers simplifies the process for bringing the Bitwarden events into Splunk, and a step-by-step guide is available in the Help documentation.

The Bitwarden Event Logs app for Splunk comes with three pre-built dashboards, Bitwarden authentication events, vault item events, and organization events. Splunk users can also build custom dashboards and integrate Bitwarden events data into existing dashboards. This makes it easy to identify patterns at-a-glance and respond immediately to threats to the business IT infrastructure. More integration information is provided in the Splunk integration datasheet.

Splunk and Bitwarden: Expanding SIEM coverage

Splunk is a well-known tool in the world of Security Incident and Event Management, or SIEM. It performs advanced analysis on the thousands to millions of loggable events on a network, including from hardware and applications, and consolidates them into actionable security alerts and dashboards.

In all, more than 50 types of events are recorded and logged in perpetuity and can be passed to Splunk for analysis and integration into existing security systems.

Now, with the official integration, that includes the robust, auditable event logs of Bitwarden Password Manager. These logs cover user events, vault item events, organization events, and more. In all, more than 50 types of events are recorded and logged in perpetuity and can be passed to Splunk for analysis and integration into existing security systems. Importantly, this expands SIEM monitoring to apps, websites, and other data that normally flies under the radar.

How Bitwarden enhances Splunk capabilities

  • Expands SIEM oversight to website and application logins

  • Option to self-host for uniform security control

  • Provides open source transparency for credential management, including the Splunk integration app itself

What you can do with Bitwarden and Splunk

  • Set alerts for suspicious access to logins and stored credit cards

  • Identify a rogue user account and temporarily revoke it from the organization

  • Determine proper usage and adoption of Bitwarden Password Manager

If you use Splunk in your organization, you will find value in the Bitwarden open source approach to security, the depth of the Bitwarden event logs, and the benefits of expanding SIEM coverage to an organization password vault. Additionally, any SIEM tool can access Bitwarden events via the two available APIs. Visit bitwarden.com today to start a 7-day trial or reach out to the business sales team to learn more!

Link Copied!
Retour au blog

Get started with Bitwarden today.

Créez votre compte gratuit

© 2024 Bitwarden, Inc. Conditions Confidentialité Paramètres des cookies Plan du site

Go to EnglishStay Here