If you're having trouble at any stage please contact us at firstname.lastname@example.org.
Ping is a multi-factor authentication solution which provides multi-factor authentication for cloud-based applications, on-premises applications, VPNs Windows Servers and RDP, and Secure Shell.
The main challenges and needs are to:
- Get all audit events and alerts from Ping clod services into your SIEM/Log management system.
- The granular alerts and events should be available at the organization’s central log or event management system for compliance, investigation or forensic needs.
What is it
Exabeam Cloud Connector for Ping is part of the Exabeam Cloud Connectors module:
It continuously retrieves events and alerts from the different sources/APIs in the Ping cloud services and sends the events in a unified format to your Exabeam Advance Analytics (https://www.exabeam.com/product/exabeam-advanced-analytics/), Exabeam Data Lake (https://www.exabeam.com/product/exabeam-data-lake/) or your existing SIEM/Log management system.
How it works
Exabeam Cloud Connector for Ping retrieves the events from the Ping service through its APIs and send them to your SIEM/Log system of choice over syslog encoded in CEF/Json.
Connector's API/Audit Sources & Events Supported
|Audit Source (API)||Service/Module & Events|
|Administrator login||Provides admin login success and login failed events|
|Ping id administrative activity||
Provides events such as: updates in general settings updated, changes in authentication properties and account updates.
Provides user updates events such as (delete, create, password changed, etc) and password policy updates.
|Provisioning||Provides group updates events and user updates events.|
Provides SSO events such as init connection with sso, successful connection and failure of connection.
Provides device events such as device paired \ unpaired, device wipe success / time out.