Splunk® App for PCI Compliance

User Manual

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of Splunk® App for PCI Compliance. For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

Identity Center

The Identity Center provides a view into the Identity table within Splunk. This table drives the correlation between user identity data and event data captured from the PCI resources sending data to Splunk.

Use this dashboard to identify specific users, their identities, categories, termination dates, and other information to drive user-related reports.

Pci-identity center.png

Available filters:

Filter Description
Username Identity
Priority Options are: unknown, low, medium, high, critical
Business unit For example, americas, emea
Category Select one or more asset categories to report on. (The default is "pci".)
Search Add additional search parameters to this field

Click "Watchlisted identities only" to confine the search to those identities noted as "watchlist" in the Identitiy table.

This dashboard displays:

  • Identities by Priority - A pie chart that displays identities by priority (low, medium, high, or critical). Mouse over the chart for additional details.
  • Identities by Business Unit - A pie chart that displays identities by business unitl. Mouse over the chart for additional details.
  • Identities by Category - A pie chart that displays identities by category. Mouse over the chart for additional details.
  • Identities - Shows a list of identities active in the PCI compliance environment, with details derived from the Identity table. Click "View full results" for more information about the event.
Last modified on 26 October, 2015
PREVIOUS
Asset Center
  NEXT
Search

This documentation applies to the following versions of Splunk® App for PCI Compliance: 2.1.1


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters