Overview

Sectigo Connector for Splunk Enterprise ("the connector") is a modular input script for integrating Sectigo Certificate Manager (SCM) audit logs with a Splunk Enterprise server. This integration lets you pull SCM audit logs into Splunk to monitor, analyze, and visualize the SCM activities of your organization in near real-time. SCM stores audit logs for 30 days.

Audience

This guide is intended for Splunk administrators and system administrators who have knowledge of IT security, cloud security, and are also familiar with SCM.

Scope

This guide covers instructions for deploying and configuring the Sectigo-developed modular input to deliver SCM audit logs to your Splunk Enterprise server.

Additional resources

Sectigo Certificate Manager administrator’s guide
Overview of Splunk modular inputs