How Splunk Works with UBbox

Learn how Splunk works with UBbox, and how to gain access.

When a restricted data folder is approved and provisioned, monitoring via Splunk is also established and access to Splunk is given to the restricted data stewards or their designees/data users. UBIT provides data stewards with a default monitoring configuration consisting of a Splunk dashboard and set of email alerts.

It is the restricted data steward's responsibility to use the Splunk monitoring provided to insure security of restricted data. The data steward may modify the monitoring configuration, but modification must be approved by the security/privacy official associated with the restricted data.

Splunk logs all access to sensitive data. For each access event, the minimum following information will be logged:

The UBITName that accessed the data
Name of the folder or file accessed
Date & time of the access
Client IP
Action taken on restricted data folder or file

The following restricted data access events will be logged and will produce alerts (email) sent to the data stewards and security/privacy officials:

A collaboration invitation was issued for a folder
Data from a folder was downloaded
A subfolder was created with a name that doesn't follow proper naming protocol

Next: Modifications and Data Roles in Splunk

How Splunk Works with UBbox

Help

News and Alerts

About Us

Forms

IT Policies

Follow UBIT