Setting up Splunk alerting - splunk

Is there a way to monitor that data is received regularly, and alert when out of compliance?
I would love to set up alerting for our GCP and Azure environments.

If you have sufficient data from GCP and Azure coming into Splunk then, yes, it's possible.
Start by creating a search to determine if you are out of compliance. Once you are satisfied with the search, click Save As and choose Alert. Complete the form, save, and you're done.

Related

Is there a way to send Data from Splunk to Salesforce?

I need some help and guidance related to sending data from SPLUNK to Salesforce.
Basically, I am trying to extract a few features and information from a Splunk dashboard and I need to send that data to Salesforce while creating a case, such that the case is created with all those details automatically with a single click of the submit button from the SPLUNK dashboard.
I read/tried the SPLUNK add-on for Salesforce; however, this is more about pulling the Salesforce data to SPLUNK but not about pushing the data from SPLUNK to Salesforce.
Could you please guide me, how can we achieve this?
You can use Splunk Alert Actions to trigger an action against a Salesforce REST endpoint or webhook.
Refer to https://docs.splunk.com/Documentation/AddonBuilder/3.0.2/UserGuide/CreateAlertActions if you wish to use the Splunk Add-On builder, or https://docs.splunk.com/Documentation/Splunk/latest/Alert/Configuringscriptedalerts if you are comfortable coding it yourself.
A summary of the process can be found at https://simonduff.net/splunk_alert_script/
Can you share what Salesforce API you are trying to interact with and what information you wish to provide it? It may just be as simple as creating a particular URL, rather than using REST to post information to it.

Amazon SES persistent audit log

I am using Amazon SES to send transactional application emails. I want an audit log of every email sent by the system.
As an example, I might want to see a log of every email we sent to john.smith@example.com.
I followed the instructions for using Cloudwatch to log SES events. However, this only actually logs metrics, not data logs. So all I see in Cloudwatch is a graph of how many emails were sent at different times under the metrics tab. I can't search a log anywhere to find individual SES events.
I also looked into using Cloudtrail to log SES events, but Cloudtrail only logs management events. It does not log data events like emails being sent.
I have set up SNS notifications on all SES events (such as send or bounce). This is really useful, but does not achieve my aim of having a long term audit log.
As far as I can tell Amazon do not support the kind of logging I want to record. Maybe I could write events to our application database as we produce them, but it seems a shame to have to introduce my own custom logging system.
Does anyone know a way to have AWS store my SES data events?
Yes, Amazon doesn't have any easy way to monitor what you ask. An easier solution would be to add a Configuration set header and a unique message tag whenever any email is being sent to john.smith@example.com. In the configuration set, you can enable CloudWatch or a preferred SNS destination and create a delivery dashboard using the link below:
https://docs.aws.amazon.com/ses/latest/DeveloperGuide/bouncecomplaintdashboard.html
These aren't the logs, but it creates a nice Excel file of email details which can be used for audit purposes.
I opened a ticket with AWS about this, here is their response.
I understand that you wanted to know whether SES provides logs about events of an email that was accepted by SES for delivery in a searchable format. Please correct me if I’m wrong.
SES provides logs as notifications [1] for each event (Delivery, Bounce, Complaint) to SNS and it doesn’t provide event logs in a consolidated manner which would be helpful for indexing according to email addresses and searching purposes. However, in SNS you can configure a variety of subscribers like (Email, SQS, Lambda, HTTP endpoint) where the logs in JSON format would be delivered. In the destination of SNS like Lambda and HTTP Endpoint or email, you can parse the JSON file and store it in a suitable format which would be helpful for indexing and searching purposes.
If SQS is being used, each JSON log will be stored individually in the SQS queue for some time. You can periodically query the SQS endpoint and retrieve the logs and consolidate it to a single file and use it for analysis.
Apart from that, unfortunately SES doesn’t provide any other format of logs for an email it accepted for delivery.
Do let me know if you require any further assistance, I’ll be happy to help.
References:
[1]. https://docs.aws.amazon.com/ses/latest/DeveloperGuide/monitor-sending-using-notifications.html
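The parse-and-store step from the AWS response, as an added example that is not part of the original answers or AWS's own code: a Lambda-style function flattens SNS-wrapped SES notifications into one searchable row per recipient. It assumes the SES notification JSON layout (`notificationType`, `mail`, `bounce`, `delivery`, `complaint`); the function names and sample event are constructed for illustration.

```python
import json

RECIPIENT_KEYS = {"Bounce": "bouncedRecipients", "Complaint": "complainedRecipients"}

def audit_records(lambda_event):
    """One audit row per recipient; unparseable input is kept, never dropped."""
    rows = []
    for rec in lambda_event.get("Records", []):
        sns = rec.get("Sns", {})
        try:
            msg = json.loads(sns.get("Message") or "")
            if not isinstance(msg, dict):
                raise ValueError("notification is not a JSON object")
        except ValueError:
            rows.append({"recipient": None, "event": "Unparseable",
                         "sns_id": sns.get("MessageId"), "raw": sns.get("Message")})
            continue
        mail = msg.get("mail", {})
        kind = msg.get("notificationType") or msg.get("eventType") or "Unknown"
        detail = msg.get(kind.lower(), {})
        if kind in RECIPIENT_KEYS:
            rcpts = [r["emailAddress"] for r in detail.get(RECIPIENT_KEYS[kind], [])]
        else:  # Delivery lists plain addresses; otherwise use mail.destination
            rcpts = detail.get("recipients") or mail.get("destination", [])
        for addr in rcpts:
            rows.append({"recipient": addr.lower(), "event": kind,
                         "time": detail.get("timestamp") or mail.get("timestamp"),
                         "ses_message_id": mail.get("messageId"),
                         "sns_id": sns.get("MessageId")})
    return rows

def search(rows, address):
    """Return every audit row for one recipient, case-insensitively."""
    return [r for r in rows if r["recipient"] == address.strip().lower()]

def _wrap(sns_id, notification):  # builds one constructed SNS record
    return {"Sns": {"MessageId": sns_id, "Message": notification}}

# Constructed sample input: a delivery, a bounce, and a malformed message.
SAMPLE_EVENT = {"Records": [
    _wrap("sns-1", json.dumps({"notificationType": "Delivery",
        "mail": {"messageId": "ses-aaa", "destination": ["John.Smith@example.com"]},
        "delivery": {"timestamp": "2024-01-01T10:00:02.000Z",
                     "recipients": ["John.Smith@example.com"]}})),
    _wrap("sns-2", json.dumps({"notificationType": "Bounce",
        "mail": {"messageId": "ses-bbb", "destination": ["jane@example.com"]},
        "bounce": {"timestamp": "2024-01-01T11:00:01.000Z",
                   "bouncedRecipients": [{"emailAddress": "jane@example.com"}]}})),
    _wrap("sns-3", "not json"),
]}
```

The rows are plain dictionaries, so they can be written as JSON lines to whatever durable store the deployment uses for long-term retention.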

Is there a way to use Google smart home actions while restricting certain users to unlock/lock a specific smart lock door?

I'm currently working on a smart lock project. And we want to let our backend server send commands to the relating smart lock. And we are considering Google smart home actions to send some sort of command to the smart lock from our backend server to open/close the lock. But I want to ONLY let the backend server send these commands to the smart locks, and NOT everybody who is connected to the wifi network (as most of the times everybody on the network can control all smart home devices e.g. set volume of speaker, open front door, dim lights etc. etc.). I have seen some things about account linking inside, but not sure if that's what I need. So my question was: Is there a way using smart home actions to only give one person (or in this case entity) access to do certain actions? Thanks in advance.
You can use two-factor authentication to require a person to give an ack or PIN to send the final command.
The specific architecture of the lock and its connection is up to you, but I don't believe there is a way to limit control of the lock to specific accounts. If there is a Google Home, any individual in the home is able to issue the initial command. If this individual knows the PIN, they can say that as well.

Disallow sharing Google Mobile Developer Services data with Google after allowed

When creating a new app on https://developers.google.com/mobile/add?platform=android&cntapi=gcm, I got the following to check or uncheck:
Share your Google Mobile Developer Services data with Google to help
improve Google's products and services. This includes sharing with
Google technical support, account specialists, and anonymous data for
benchmarking. If you disable this option, data can still flow to other
Google products that are explicitly added.
Unfortunately I accidentally checked the field/allowed sharing.
How can I disable/disallow it now after project is already created? Does anybody know how to do that?
Nothing is explicitly stated on which service this data sharing will be applied. However, just doing a quick search of that statement points to it being used for Analytics only.
And if you want to turn the data sharing off for Analytics, you can refer to this help doc:
Change your data sharing settings
You need edit permission to use this feature.
You must customize your data sharing settings when you sign up for an Analytics account, but you can return to the Admin section of an account and change the settings any time.
To change the data sharing settings:
1. Sign in to Google Analytics.
2. Select the Admin tab and navigate to the account you want to edit.
3. In the ACCOUNT column, click Account Settings.
4. Edit any setting and click Save.
If you just intend to use the project for GCM, I think it doesn't really matter if you allow it or not.

MailChimp/Mandrill webhook for message created/scheduled

Is it possible to get MailChimp or Mandrill to notify a webhook URL whenever a message is either created for a list, or scheduled to be sent, along with the list and message IDs?
I have a client that wants to intercept messages from his campaign, add special data from his server, then send the resulting template through his connected Mandrill account. I'm trying to figure out how to implement the first step in this process.
Although I know this is old, someone may stumble into this thread. Have you checked out the webhook information?
http://help.mandrill.com/entries/58303976-Message-Event-Webhook-format
It has an easy way to implement it inside the account. You just set up a URL to intercept and parse the incoming data. I recommend first saving the data then using a scheduled task to parse the job separately so you don't lose data (although Mandrill will try 100x).
If the unique id is not enough for you with your events, and you are concerned about specific campaigns you can tag the emails upon send and they will have the tagged information with the incoming event.
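The save-first, parse-later pattern recommended above, as an added example that is not part of the original answer: the webhook step only persists the raw body, and a scheduled step parses it, ignores events redelivered by retries, and keeps the tags for per-campaign lookup. It assumes the POST body is form-encoded with a `mandrill_events` field holding a JSON array of events; the table layout, function names, and sample body are constructed for illustration.

```python
import json
import sqlite3
from urllib.parse import parse_qs, urlencode

def open_store(path=":memory:"):
    conn = sqlite3.connect(path)
    conn.executescript("""
        CREATE TABLE IF NOT EXISTS raw(id INTEGER PRIMARY KEY, body TEXT,
                                       state TEXT DEFAULT 'new');
        CREATE TABLE IF NOT EXISTS events(msg_id TEXT, event TEXT, ts INTEGER,
                                          email TEXT, tags TEXT,
                                          UNIQUE(msg_id, event, ts));""")
    return conn

def receive(conn, body):
    """Webhook step: persist the raw POST body and return; no parsing here."""
    conn.execute("INSERT INTO raw(body) VALUES (?)", (body,))
    conn.commit()

def process_pending(conn):
    """Scheduled step: parse stored bodies; redelivered events are ignored."""
    added = 0
    pending = conn.execute("SELECT id, body FROM raw WHERE state='new'").fetchall()
    for row_id, body in pending:
        try:
            for ev in json.loads(parse_qs(body)["mandrill_events"][0]):
                msg = ev.get("msg", {})
                cur = conn.execute(
                    "INSERT OR IGNORE INTO events VALUES (?,?,?,?,?)",
                    (ev.get("_id"), ev.get("event"), ev.get("ts"),
                     msg.get("email"), json.dumps(msg.get("tags", []))))
                added += cur.rowcount
            state = "done"
        except (KeyError, ValueError, AttributeError, TypeError, sqlite3.Error):
            state = "bad"  # body stays in raw for inspection
        conn.execute("UPDATE raw SET state=? WHERE id=?", (state, row_id))
    conn.commit()
    return added

def events_for_tag(conn, tag):
    """Return (msg_id, event, email) for events whose message carried `tag`."""
    rows = conn.execute("SELECT msg_id, event, email, tags FROM events ORDER BY ts")
    return [(m, e, a) for m, e, a, t in rows if tag in json.loads(t)]

# Constructed sample POST body (form-encoded, as a webhook request would carry).
SAMPLE_BODY = urlencode({"mandrill_events": json.dumps([
    {"event": "send", "ts": 1700000000, "_id": "abc123",
     "msg": {"email": "user@example.com", "tags": ["campaign-42"]}},
    {"event": "open", "ts": 1700000100, "_id": "abc123",
     "msg": {"email": "user@example.com", "tags": ["campaign-42"]}}])})
```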