Empower security teams with greater visibility and actionable insights.
The 1Password app for Splunk allows a Splunk® administrator to fetch data from your 1Password account including:
* Item usage events (“Item usage” data shows which users accessed what items – logins, secrets, documents, etc – and when)
* Successful and failed sign-in attempts
* Audit events
The 1Password Events Reporting for Splunk app works by using the 1Password Events API. The API is authenticated using a bearer token generated from the Integrations page in your 1Password account.
With the 1Password for Splunk app you can:
* Take decisive action with deeper, forensic analysis, if you are affected by a data breach
* Prevent attacks with proactive threat detection using custom alerts and triggers
* Get valuable insights into 1Password usage
* Get a more complete overview of your company’s software usage with data correlation and enrichment from multiple apps and services
Check out the source code here: https://github.com/1Password/events-api-splunk