Splunk® User Behavior Analytics

Administer Splunk User Behavior Analytics

Send Splunk UBA data to Splunk Enterprise Security

To send data from Splunk UBA to Splunk Enterprise Security (ES), you must use the Splunk Add-on for Splunk UBA, which is provided with Splunk ES.

For Splunk UBA version 5.4.0 and higher, the Splunk ES account being used for UBA-ES integration must have the edit_token_http capability.

For more information about how Splunk UBA and Splunk ES can be integrated, see How Splunk UBA sends and receives data from the Splunk platform in the Send and Receive Data from the Splunk Platform manual.

Last modified on 11 July, 2024
Replace Job Manager certificate with a third-party certificate   Send Splunk UBA threats to analysts using email

This documentation applies to the following versions of Splunk® User Behavior Analytics: 5.4.0, 5.4.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters