Anybody has idea of the integration of SIEM Tools with RSA VIA.
We are particularly interested in SIEM Tools like SPLUNK & QRADAR.
What are the mechanisms supported by RSA to achieve this?
The common mechanism employed with Splunk with IGL is to collect the logs from Wildly and AFX server. There is no other integration (like Splunk App)
Of course our first question would be - "why aren't you using RSA NetWitness?" - but if you must use another SIEM I would look at the RSA NetWitness collector configuration guide for RSA Identity Governance and Lifecycle (formerly RSA Via) - https://community.rsa.com/docs/DOC-39992. Events can be collected from the Governance and Lifecycle database and assume other SIEMs have similar database collection capabilities. If you want to see what we log - System --> Audit Logging when logged in as an administrator.
Retrieving data ...