The Identity Center provides a view into the Identity table within Splunk. This table drives the correlation between user identity data and event data captured from the PCI resources sending data to Splunk.
Use this dashboard to identify specific users, their identities, categories, termination dates, and other information to drive user-related reports.
|Priority||Options are: unknown, low, medium, high, critical|
|Business unit||For example, americas, emea|
|Category||Select one or more asset categories to report on. (The default is "pci".)|
|Search||Add additional search parameters to this field|
Click "Watchlisted identities only" to confine the search to those identities noted as "watchlist" in the Identitiy table.
This dashboard displays:
- Identities by Priority - A pie chart that displays identities by priority (low, medium, high, or critical). Mouse over the chart for additional details.
- Identities by Business Unit - A pie chart that displays identities by business unitl. Mouse over the chart for additional details.
- Identities by Category - A pie chart that displays identities by category. Mouse over the chart for additional details.
- Identities - Shows a list of identities active in the PCI compliance environment, with details derived from the Identity table. Click "View full results" for more information about the event.
This documentation applies to the following versions of Splunk® App for PCI Compliance: 2.1.1