Integration with SIEMs is one of the most common things customers set up when deploying WAFs to protect their apps and APIs. We’ve just added native Splunk support, so you can connect it in a matter of minutes.

You can pull all the security events right into Splunk:

• Hits (attack requests)
• Discovered vulnerabilities
• Changes in the network perimeter
• System messages

Having the integration in place allows you to triage threats faster and to aggregate data from a variety of security tools your organization is using.

It has always been possible to push data into SIEMs using Wallarm APIs. With the native support of Splunk, you don’t need to deal with API anymore. For the Splunk integration, only HEC Token and API URL are required to have it running.

Try it out now in your Wallarm settings.