Packaged Integrations
Packaged Integrations
ObserveIT and our partners have built a number of integrations and plugins that work right out of the box with many popular SIEMs and other tools.
These integrations provide security analysts and investigation teams with user activity metadata, smart user behavior alerts and user context to help identify and investigate Insider Threats and other user-based threats directly from within the App. Security teams can correlate ObserveIT metadata to create smarter alerts and stop threats before they happen.
Below are links to guide you.
Splunk: ObserveIT’s Splunk integration is easy to install from Splunkbase, allowing visualization and correlation between your ObserveIT insights and the other events on your network.
IBM QRadar: ObserveIT’s QRadar integration is easy to install from IBM’s X-Force App Exchange and will bring your ObserveIT data into QRadar so you can correlate with data from other sources and manage Critical Alerts as Offenses.
McAfee ESM: ObserveIT integration with McAfee ESM brings the powerful ObserveIT insights into your SIEM, so you can manage your alerts and correlate ObserveIT’s user context with your other data feeds.
ArcSight: ObserveIT’s Arcsight integration is easy to install from MicroFocus’ ArcSight Marketplace and will bring your ObserveIT data into your SIEM so you can manage your alerts and bring meaning to the data from other systems with ObserveIT’s user context.
LogRhythm: By correlating ObserveIT’s powerful user context with the other data sources in your SIEM, a complete picture of a user’s activities will emerge, allowing for creation of smarter alerts and quicker threat elimination.
AlienVault: ObserveIT integration with AlienVault brings the powerful ObserveIT insights into your SIEM, so you can manage your alerts and correlate ObserveIT’s user context with your other data feeds.
ServiceNow: Support your remote access approval workflow by automatically linking your remote connection requests with incidents in ServiceNow.
IBM Resilient: The unmatched user context ObserveIT provides will streamline your Resilient investigations. The included automated workflow functions will bring the ObserveIT insights to your incidents either automatically or with the click of a button.
ObserveIT API: With the power of ObserveIT’s REST API, you can download reports, update lists, start and stop recordings, and more! Bring the unmatched user-context of ObserveIT anywhere by building a custom integration.