Admin ConsoleReporting

Panther SIEM

Panther is a security information and event management (SIEM) platform that can be used with Bitwarden organizations. Organization users can monitor event activity with the Bitwarden app on their Panther monitoring system.

Setup

Create a Panther account

To start you will need a Panther account and dashboard. Create a Panther account on their website.

Initialize Panther Bitwarden Log Source

  1. Access the Panther dashboard.

  2. On the menu, open the Configure dropdown and select Log Sources.

    Panther Log Sources
    Panther Log Sources

  3. Select Onboard your logs.

    Panther Onboard logs
    Panther Onboard logs

  4. Search Bitwarden in the catalogue.

    Elastic Bitwarden integration
    Elastic Bitwarden integration

  5. Click on the Bitwarden integration and select Start Setup.

Connect your Bitwarden organization

After you select Start Setup you will be brought to the configuration screen.

備考

Panther SIEM services are only available for Bitwarden cloud hosted organizations.

  1. Enter a name for the integration and then select Setup.

  2. Next, you will have to access to your Bitwarden organization's Client ID and Client Secret. Keep this screen open, on another tab, access your Bitwarden web vault. Open your organization and navigate to Settings, Organization info, and View API key. You will be asked to re-enter your master password in order to access your API key information.

    Organization api info
    Organization api info

  3. Copy and paste the client_id and client_secret values into their respective locations on the Bitwarden App setup page. Once you have entered the information, continue by selecting Setup again.

  4. Panther will run a test on the integration. Once a successful test has been completed, You will be given to option to adjust preferences. Complete the setup by pressing View Log Source.

    備考

    Panther may take up to 10 minutes to ingest data following the Bitwarden App setup.

Start monitoring data

  1. To begin monitoring data, head over to the primary dashboard and select Investigate and Data Explorer.

  2. On the Data Explorer page, select the panther_logs.public database from the drop down menu. Make sure that bitwarden_events is being viewed as well.

    Panther Data Explorer
    Panther Data Explorer

  3. Once you have made all of your required selections, select Run Query.
    You may also Save as to use the query at another time.

  4. A list of Bitwarden events will be produced at the bottom of the screen.

    Panther Event Logs
    Panther Event Logs

  5. Events can be expanded and viewed in JSON by selecting View JSON. .

    Panther JSON Object
    Panther JSON Object

    For additional information regarding Bitwarden organization events, see here. Additional options for specific queries are available, see the Panther Data Explorer documentation for more information.

Make a suggestion to this page

サポートチームへのお問い合わせ

For technical, billing, product, and Family/Premium questions.

お名前*
ビットワルデン*
アカウントのメールアドレスを確認してください*
製品*
あなたは自己ホスト型ですか?*
件名*
お問い合わせ内容を入力してください...*

クラウドのステータス

ステータスを確認する

© 2024 Bitwarden, Inc.利用規約プライバシーポリシーサイトマップ
このサイトは日本語でご利用いただけます。
Go to EnglishStay Here