Audit channels

Lenses supports secure channels configuration to allow you fine-tuned audit routing. You can choose from predefined channel types like Splunk (more to be added).

Once a channel is created, it can be used by you or any other user with correct permissions to route audits of your choice into this specific channel. It means you can send to Splunk a notification for a specific audit source. It’s up to you now where specific audits will be delivered.

  1. From the header bar menu, go to Admin panel.
  2. On the side navigation, select Channels under the audits section.

Audit channel types

At this moment, these types of audit channels are supported in Lenses:

  • Splunk
  • Webhook

List available channels

All configured audit channels are listed (see the screenshot below). From this page, you also edit or delete them. For your convenience, you can sort the results by each column, filter by type, or use the search box to find the channel you need.

List Available Channels

Create an audit channel

To create a new audit channel, click on the New Audit Channel button from the listing page. First, select the type of channel and then provide the configuration settings.

Create Audit Channel

Edit an audit channel

From the listing page, click on the edit icon that is visible next to each channel. A modal window will appear where you can change the name, connection, or other additional settings.

Edit Audit Channel

Delete an audit channel

If you don’t need a channel anymore, you can also remove it by clicking on the trash icon that is visible next to each channel. A check will be made if there are any audits assigned to this channel and information presented to you in such a case, so you can be sure you don’t delete any channel that is being used.

Delete Audit Channel

Toggle an audit channel

To enable or disable the audit channel, click on the toggle under the Route Audits column.

Toggle Audit Channel