# Monitor Bitwarden events using Splunk for SIEM Management Learn how Bitwarden and Splunk integrate together to provide security information and event management (SIEM) for defense against malicious attacks and network breaches. --- Splunk is a security and observability tool used to provide visibility on large amounts of data for multi-cloud and on-premise deployments. The solution delivers insights on critical metrics such as uptime, anomalies, outages, suspicious activity, and more. With these cloud observability insights, Splunk can detect malicious activity and notify IT, DevOps, and SRE teams when a data security event occurs.  Bitwarden and [Splunk](https://www.splunk.com/) integrate together to provide security information and event management (SIEM) for defense against malicious attacks and network breaches. SIEM technology identifies potential threats to online applications, while also providing compliance and security management for cloud infrastructure data in near real-time. This is achieved by logging a collection of detailed events that occur across various data sources.  With Bitwarden and Splunk, detailed information on activity across password management activity can be gathered and displayed in visual dashboards for easy monitoring. Together, the two integrate to provide valuable insights into a given Bitwarden organization, including information such as user activity, password changes, shared passwords, and more. Combined with monitoring of other infrastructure, apps, and networking, Splunk provides a holistic view of company security. ![Splunk logo](https://bitwarden.com/assets/2USqwZtvVG75tQmYY3R99q/81b6378c80c884d04309eec3398b7c00/Splunk_logo.png) ## Table of Contents [The benefits of Bitwarden and Splunk together](https://bitwarden.com/it-it/resources/monitor-bitwarden-events-using-splunk-for-siem-management/#the-benefits-of-bitwarden-and-splunk-together-include/) [Integration Details: The official Bitwarden Splunk app](https://bitwarden.com/it-it/resources/monitor-bitwarden-events-using-splunk-for-siem-management/#integration-details-the-official-bitwarden-splunk-app/) [![SIEM Presentation Page](https://bitwarden.com/assets/7jSWKjP9o0KEUsFcaOMz8g/f639f086d1fb2eef9f20f80a685dfba4/-Public-_Introduction_to_SIEM_and_Splunk_Integration__5_.png)](https://bitwarden.com/resources/presentations/security-incident-and-event-management-siem/) ## The benefits of Bitwarden and Splunk together include - Alerts for suspicious activity and detailed reports from Bitwarden logs - Expands SIEM oversight to website and application credentials - Visual dashboards and event search macros for easy monitoring - Records of specific credential access by users - Insights into user adoption of company security tools - Offboarding reports that list credentials a former employee had access to, ensuring tighter security and access control ## Did you know? Bitwarden records more than 60 types of events that are logged in perpetuity and can be passed to Splunk for analysis and integration into existing security systems. ## Integration Details: The official Bitwarden Splunk app Bitwarden integrates easily into Splunk Enterprise self-hosted, Splunk Cloud Classic, and Splunk Cloud Victoria installations through the official Bitwarden Event Logs app available in the [user interface](https://bitwarden.com/it-it/help/splunk-siem/#install-the-splunk-bitwarden-app/). The app entry can also be [found on Splunkbase](https://splunkbase.splunk.com/app/6592)**.**Follow the steps in the Splunk SIEM [integration documentation](https://bitwarden.com/it-it/help/splunk-siem/) from the Bitwarden Help Center. Once your Bitwarden organization is connected to Splunk, three pre-built dashboards will populate: Authentication Events, Vault Item Events, and Organization Events. Other custom dashboards can be built to make use of this data. Alternatively, use Bitwarden API integration to set up SIEM functionality by exporting event data from your organization. [The Public API](https://bitwarden.com/it-it/help/api/) can provide information about your organization and users. The [Vault Management API](https://bitwarden.com/it-it/help/bitwarden-apis/#vault-management-api/) provides access to information about encrypted data and is hosted within the Bitwarden CLI client using the `serve `command on an owned endpoint. Combined, these two APIs will provide a full view of your organization and vault. ## Additional Resources - [Using Splunk with Bitwarden](https://bitwarden.com/it-it/blog/using-splunk-with-bitwarden-password-manager/#splunk-and-bitwarden-expanding-siem-coverage/) - [Event Logs](https://bitwarden.com/it-it/help/event-logs/) - [Event Logs in Onboarding and Succession](https://bitwarden.com/it-it/help/onboarding-and-succession/#event-logs/) - [Splunk SIEM](https://bitwarden.com/it-it/help/splunk-siem/) - [Bitwarden Public API](https://bitwarden.com/it-it/help/public-api/) - [Bitwarden Vault Management API](https://bitwarden.com/it-it/help/cli/#serve/) ## Ottieni subito una sicurezza per le password potente e affidabile. Scegli il tuo piano. ## Personale ### Hai appena iniziato? *Ottieni una gestione di base delle password oggi stesso. Sempre gratis.* [Crea un account gratuito](https://bitwarden.com/go/start-free/) --- ### Premium **$1.65** *al mese* *Con fatturazione annuale a 19,80 USD* Scopri le funzionalità premium - Autenticatore integrato - Allegati file - Accesso di emergenza - Blocco del phishing - Report di sicurezza e altro Condividi gli elementi della cassaforte con un altro utente [Crea un account Premium](https://bitwarden.com/go/start-premium/) --- ### Famiglie **$3.99** *al mese* *Fino a 6 utenti, con fatturazione annuale a 47,88 USD* Proteggi gli accessi della tua famiglia - 6 account premium - Condivisione illimitata - Raccolte illimitate - Spazio di archiviazione dell’organizzazione Condividi gli elementi della cassaforte tra sei persone [Inizia la prova gratuita per Famiglie](https://bitwarden.com/go/start-families-trial/) --- Prezzi indicati in USD e basati su un abbonamento annuale. Tasse escluse. ## Business ### Teams *Per team e aziende in crescita che devono muoversi rapidamente.* **$4** *al mese / per utente, con fatturazione annuale* **Nessun compromesso** Tutte le funzionalità Premium, più funzionalità avanzate come: - Condividi le credenziali in modo sicuro - Controlla le attività con i log eventi - Sincronizza la directory esistente - Automatizza il provisioning con SCIM [Avvia la prova gratuita](https://bitwarden.com/go/start-teams-trial/) --- ### Enterprise *Per aziende che necessitano di protezione e controllo avanzati.* **$6** *al mese / per utente, con fatturazione annuale* **Massima protezione** Tutte le funzionalità Premium e Teams, più funzionalità di livello enterprise come: - Controllo granulare degli accessi - Integrazione SSO senza password - Recupero account semplificato - Flessibilità di self-hosting - Mitigazione dei rischi con Access Intelligence [novità] - Piano Families gratuito per tutti gli utenti [Avvia la prova gratuita](https://bitwarden.com/go/start-enterprise-trial/) --- ### Parla con il team vendite *Per le grandi organizzazioni, parla con un esperto di un piano su misura e scopri come Bitwarden può:* *al mese* - Ridurre il rischio di cybersecurity - Aumentare la produttività - Integrarsi perfettamente Bitwarden si adatta ad aziende di qualsiasi dimensione per portare la sicurezza delle password nella tua organizzazione [Parla con il team vendite](https://bitwarden.com/talk-to-sales) --- Prezzi indicati in USD e basati su un abbonamento annuale. Tasse escluse.