1Password Events Reporting for Splunk

Empower security teams with greater visibility and actionable insights. The 1Password app for Splunk allows a Splunk® administrator to fetch data from your 1Password account including: * Item usage events (“Item usage” data shows which users accessed what items – logins, secrets, documents, etc – and when) * Successful and failed sign-in attempts * Audit events The 1Password Events Reporting for Splunk app works by using the 1Password Events API. The API is authenticated using a bearer token generated from the Integrations page in your 1Password account. With the 1Password for Splunk app you can: * Take decisive action with deeper, forensic analysis, if you are affected by a data breach * Prevent attacks with proactive threat detection using custom alerts and triggers * Get valuable insights into 1Password usage * Get a more complete overview of your company’s software usage with data correlation and enrichment from multiple apps and services Check out the source code here: https://github.com/1Password/events-api-splunk