Select the SIEM server.
Type
The type of SIEM server. The current Cryptographic Security Platform release only supports selecting Splunk.
As explained in SIEM requirements, the current Cryptographic Security Platform release only supports the Splunk SIEM.
Mandatory: Yes
Host
The IP address or hostname of the external SIEM server.
Mandatory: Yes
Port
The port of the SIEM service.
In the Splunk configuration, this port is the "HTTP Event Collector" port.
Mandatory: Yes
Token
A secret authentication token provided by the external SIEM service.
Mandatory: Yes