
Impelix IMPACT Integration
with Delinea (Thycotic) Secret Server

The Impelix IMPACT platform ingests telemetry from all your security products as well as third-party feeds (threat intelligence, cybersecurity risk, business resilience intelligence, etc.) and delivers event correlation, security control efficacy, and compliance monitoring.

We believe that the more data IMPACT ingests, the more context you will have about security incidents, which allows effective and efficient incident response and compliance management. Therefore, we encourage and facilitate connecting vendor product telemetry to the Impelix IMPACT platform.

Delinea (Thycotic) Secret Server

Delinea (Thycotic) Secure Syslog/CEF Logging in Secret Server

Thycotic Console
  1. Navigate to Admin > Configuration.
  2. Click the General tab.
  3. Click the Edit button at the bottom of the page.
  4. Go to the Application Settings section.
  5. Click to select the Enable Syslog/CEF Logging check box. A syslog/CEF section appears.

    Note: syslog/CEF may require an additional license key. To install licenses, navigate to Admin > Licenses > Install New License. Once installed, the license requires activation. Contact your Thycotic Sales Representative with any questions.
  6. Type the IP address or name of the Impelix IMPACT server in the Syslog/CEF Server text box.
  7. Type the port number where the logging information will be passed (6514 is the default port for secure TCP syslog) in the Syslog/CEF Port text box.

    Note: Secret Server (SS) requires outbound access to this server and port so communication can pass freely.
  8. Click the Syslog/CEF Protocol dropdown list and select Secure TCP. Secure TCP means either TLS v1.2 or v1.1 because other versions of SSL, such as SSL v3 and TLS v1.0, have known weaknesses.
  9. Click the Syslog/CEF Time Zone list box and select UTC Time or Server Time, depending on your preference.
  10. Click the Save button.
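
To confirm steps 6 to 8 from the Secret Server side, the following added example (not Impelix or Delinea code) probes the collector on the secure syslog port and reports whether TCP is reachable and which TLS version is negotiated. The host name in the usage block is a placeholder, and the probe is assumed to offer at most TLS 1.2 so the result can be compared with the versions named in step 8.

```python
import socket
import ssl

# TLS versions that step 8 of the procedure names for "Secure TCP".
ACCEPTED_VERSIONS = {"TLSv1.2", "TLSv1.1"}


def check_collector(host, port=6514, timeout=5.0, cafile=None):
    """Probe the syslog/CEF listener from the Secret Server side.

    Returns a dict with: reachable (TCP connect succeeded), tls_version
    (negotiated version or None), accepted (version is one step 8 names),
    and error (failure text or None).
    """
    result = {"reachable": False, "tls_version": None,
              "accepted": False, "error": None}
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # Blocked outbound access or no listener: the case the step 7 note covers.
        result["error"] = f"tcp connect failed: {exc}"
        return result
    result["reachable"] = True

    # Default context verifies the certificate chain and host name; pass
    # cafile when the collector's certificate comes from a private CA.
    ctx = ssl.create_default_context(cafile=cafile)
    # Assumption: offer at most TLS 1.2 so the result maps onto step 8.
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            result["tls_version"] = tls.version()
            result["accepted"] = result["tls_version"] in ACCEPTED_VERSIONS
    except (ssl.SSLError, OSError) as exc:
        # A plain TCP syslog listener or an untrusted certificate lands here.
        result["error"] = f"tls handshake failed: {exc}"
    finally:
        sock.close()
    return result


if __name__ == "__main__":
    # Placeholder host name; replace with the value entered in step 6.
    print(check_collector("impact-collector.example.internal"))
```

A result with `reachable` true but a handshake error usually means the listener on that port is plain TCP syslog or presents a certificate the client does not trust.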
