Spread our blog

Integrate Zoom with Splunk: Splunk Connect for Zoom

Zoom is a widely used video conferencing tool. Due to the COVID-19 pandemic whole world is looking for a solution that will allow users to switch their daily conferences into virtual shapes. From school to colleges to big ITs to MNCs every one using zoom.

That’s why today we decided to showcase a demonstration to get useful zoom data of your organization into Splunk.

Let’s start, at first we will create an index called “zoom”.

Step1:

At the beginning go to the settings and click on indexes.

Then click on New Index

After that create the index.

Index name: zoom

And leave everything else default and click on Save

Step 2:

Now we will install the “Splunk Connect for Zoom” add-on to get the data in.

Go to the “Browse more apps

And search for “Splunk connect for Zoom” and Install.

Provide your splunk.com credentials and click on login and install.

Step3: Configure Splunk connect for zoom

Now go to the Settings and data inputs.

Then click on Zoom and add new.

After that configure data input as shown below.

Name: <data input name>

Port: 4443

Click on more settings

Sourcetype: manual

Sourcetype: <name of the sourcetype>

Index: <index name what we have created in step1>

After that save the input.

Step4:

Now we will configure the zoom platform to send logs into Splunk.

Now go to the “https://marketplace.zoom.us/

And log in with your zoom credentials.

You can also know about :  Nessus and Splunk Integration

Then click on Develop and Build app

After that scroll down to “webhook only, and click on create

Define a name for your new app.

And do these as follows, fill in all of this basic info like company name, name, and email address.

And click on continue.

Next, enable “event subscriptions

Subscription name: <any name>

Event notification endpoint URL: <put splunk endpoint url>

In the below format https://<public ip address where splunk is hosted>:4443

Next Click on add events,

after that, select the required data types that you want to monitor.

Then click on next

Then click on save and hit done.

Results:

Now go to Splunk and search for index=zoom to validate data is coming or not.

I hope you all have enjoyed this blog ” Integrate Zoom with Splunk: Splunk Connect for Zoom “, see you all on to the next one.

Happy splunking!!

What’s your Reaction?
+1
+1
+1
+1
+1
1
+1
+1

Spread our blog

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here