About EAA logs
This guide provides an overview of the different EAA data feeds generated by Enterprise Application Access (EAA) and how to consume them either using API, or with your SIEM. It also describes the contents from each log field and explain their meanings in a dictionary of data available in the logs.
The Enterprise Application Access application has a full suite of APIs. You need to build scripts to interact with the service. You can either write your own code to interact with the service or use pre-existing tools such as our Log Streamer, CLI or Splunk application.
Our EAA Splunk application is compatible up to Splunk 7.x Enterprise. EAA Splunk application users are encouraged to migrate to Log Streamer to benefit from additional data feeds, compatibility with Splunk Free Edition.
| EAA Log type | User Access Logs definition | Admin Audit Logs definition | Connector Health definition |
|---|---|---|---|
| Akamai Log Streamer | ✓ | ✓ | ✓ |
| CLI EAA | ✓ Command line example | ✓ Command line example | ✓ Command line example |
| EAA API | ✓ | ||
| EAA Splunk app (up to Splunk 7) | ✓ |
For information on how to download and install the Splunk app, see Splunk installation manual.
In case of any issues contact support.
Updated 4 months ago