trying to building out some splunk dashboards, particularly on identifying people trying to circumvent PAM or anything like that?
trying to building out some splunk dashboards, particularly on identifying people trying to circumvent PAM or anything like that?
Splunk is a very informative tool, i have personally integrated CA PAM with Splunk and created lot of custom dashboard which allows operation team to have a quick view of whats happening. But all this is outside CA PAM and manually needs to be done in Splunk onetime. Only thing you needs is Splunk expertise. Let me know if you need any help. will be happy to help you.
At this time CA PAM Support does not have this type of information but I have seen several requests for similar information but I think opening an enhancement request from development would help drive this type of documentation. If you do open an enhancement request please post that link in this post to allow others who read this to "vote" on the enhancement.