Configure PingOne for Arctic Wolf monitoring

You can configure PingOne® by Ping Identity to send the necessary logs to Arctic Wolf® for security monitoring.

  • Access to the PingOne admin console with administrator permissions

Create a worker application

  1. Sign in to the PingOne admin console with administrator permissions.
    For more information, see Accessing the PingOne admin console.
  2. Navigate to Applications > Applications.
  3. Click .
  4. In the Add Application window, configure these settings:
    • Application Name — Enter a unique and descriptive name for the application.
    • Description — (Optional) Enter a description.
    • Application Type — Select Worker.
  5. Click Save.
  6. On the Roles tab, click Grant Roles.
  7. Click the Identity Data Read Only section.
  8. In the Environments section, select the checkbox for the environment that you want to monitor.
  9. Click Save.
  10. Copy the Environment ID, Client ID, and Client Secret, and then save them in a safe, encrypted location.

    You will provide these values to Arctic Wolf later.

Provide PingOne credentials to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.
  2. In the navigation menu, click Data Collection > Cloud Sensors.
  3. Click Add Account +.
  4. On the Add Account page, click PingOne.
  5. Configure these settings:

    • Account Name — Enter a unique and descriptive name for the account.

    • Client ID — Enter the client ID from Create a worker application.
    • Client Secret — Enter the client secret from Create a worker application.
    • PingOne Environment ID — Enter the environment ID from Create a worker application.
    • API Top Level Domain — Select your domain from the list.

    • Credential Expiry — (Optional) Enter the credential expiration date, if applicable.

  6. Click Test and submit credentials.