Skip to content

Saviynt

Cyderes supports the ingestion of logs from Saviynt.

Saviynt manages user identity provisioning. Saviynt Enterprise Identity Cloud (EIC) generates audit logs that record all actions performed by an user such as changes to SAV role, changes to global configurations, changes to connections, and more. Note: Due to limitations of the Saviynt API, this integration can only ingest logs once every 10 hours

Chronicle Data Types

  • SAVIYNT_EIP

Requirements

Create an Analytics Record

  1. Create a new runtime analytics control (V2) using a SQL Query. For more information, see Analytics Control V2 using SQL query.

Set up Permissions

It is recommended that you create a dedicated user with the least privileges required to request audit logs from the Saviynt API. In EIC, you can associate a Role Admin SAV Role or a custom SAV Role to a user.

  1. Create a user ID, for example cyderes-id. For more information on creating users, see Creating Users. For more information on changing the password of the user, see Managing Users.
  2. Create a SAV Role, for example ROLE_CYDERES.
  3. Assign SAV Role permissions.
    1. Assign the SAV Role the permission to access the web service URL of the API. For more information, see Creating SAV Roles - Web Service Access.
    2. Assign the SAV Role the permission to verify the analytics record that you created. For more information, see Creating SAV Roles - Analytics.
  4. Add the SAV Role to the user. For more information, see Creating SAV Roles - Users.

Gather Information

Provide the following information to Cyderes to complete implementation:

  • Username
  • Password
  • Saviynt URL - company specific Saviynt URL
  • Analytic Namespace - The name of the Analytics Record created above