SIEM Integration with Octopus Deploy

Hi Team,

I am Prabhjot, working on Octopus Deploy. I am looking for SIEM integration with Octopus Deploy and did not find any related documentation. Can you please guide me on this?

Thanks,
Prabhjot

Hi @prabhjotkour.91,

Thanks for getting in touch!

We don’t have any direct integration with SIEM; however, if you can perform the actions within SIEM via scripting or an API then you will be able to use Run a Script steps within your deployment process to run them.

Regards,
Paul

Hi Paul,

Thanks for the reply. Can you please provide a link to a document on this, or the script or API endpoint which will work out?

Thanks,
Prabhjot

In what way are you wanting to integrate with SIEM?

Is there some action you’re wanting to take during a deployment?

Hi Paul,

I saw that for audit streaming Octopus supports Splunk. Can you please let me know what format we will get on Splunk for the audit streaming? Is it CEF format?

Thanks,
Prabhjot

Ah, ok, you’re wanting to stream the audit logs externally.

We do have some documentation regarding that here: Audit Stream | Documentation and Support

It’s worth noting that this feature is only available on our Enterprise-tier licenses.

I don’t believe we’re using CEF format but I’m currently unable to find any reference to this within the documentation or internally to confirm for certain.
