Configure Idira PAM for Arctic Wolf monitoring
You can configure Idira Privileged Access Management (PAM) (formerly CyberArk Privileged Access Management (PAM))® to send the necessary logs to Arctic Wolf® for security monitoring.
These resources are required:
- An activated Arctic Wolf Sensor or Virtual Log Collector (vLC)
- Access to the Idira (formerly CyberArk) Vault Server as the local administrator
- Access to the Idira (formerly CyberArk) Privileged Threat Analytics (PTA) server as the root user
Configure the Vault Server to send syslog records
Configure the PTA server to send syslog records
Configuring the Idira (formerly CyberArk) PTA to send syslog records is not required. Arctic Wolf recommends completing this step to get the best security value from this integration.