The Digital Vault software is the core of CyberArk's solutions. It is the secure repository of all sensitive information and is responsible for securing this information, managing and controlling all access to it, and maintaining and providing tamper-proof audit records.
Netsurion collects the event logs delivered from the CyberArk Vault and filters them out to get some critical event types for creating a report, dashboard, category, and alerts. Among the event types, we are considering: Threat detection, Suspicious behavior detection, Configuration change and action taken on threats.
Firstly, it is necessary to set up the CyberArk Vault to deliver events to the EventTracker Manager and then configure the dashboards and reports in EventTracker.
The configuration details are consistent with EventTracker version 9.3 or later, and CyberArk Vault version 10.5 or above.
To configure the CyberArk Vault to send logs to EventTracker, refer to the How-To Guide.
To configure the Knowledge Pack in the EventTracker console, refer to the Integration Guide.