Skip to main content
Skip table of contents

Services

The services area of the Signum Admin Web Console gives the administrator the option for configuring external logging services for the Signum Event Logs. This will send Two methods are supported, Syslog and Splunk.

SysLog

Setting

Description

SysLog

Enable to activate SysLog exports.

Protocol

The Communication protocol to use TCP/UDP.

Server

The SysLog Server URL.

Port

Optional Port configuration.

TLS

Enable to use TLS.

TLS Certificate

The TLS certificate of the SysLog server

Splunk - HTTP Event Collector

This setting will configure Signum to send Event Log data to a configured Splunk server using their Event Collector framework.

The Signum Server must be running version 4.20 or later before enabling this feature

Setting

Description

Splunk

Enable to activate sending the logs to Splunk

TLS Certificate

Choose wether Signum must validate the Splunk server certificate.

Keyfactor Support can help add your private CA certificate to Signum if your Splunk server is using one.

Splunk HEC URL

The URL of your Splunk HTTP Event Collector. To make sure the URL is configured properly please see https://docs.splunk.com/Documentation/Splunk/9.3.1/Data/UsetheHTTPEventCollector#Configure_HTTP_Event_Collector_on_Splunk_Cloud_Platform

The http-inputs prefix is not needed as Signum is hosted in Azure.

An example of a URL from a trial Splunk instance may look like

CODE
https://<host>.splunkcloud.com:8088/services/collector/event

Splunk HEC Token

The HEC Access token from Splunk.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.