Pull user accounts and role assignments from Splunk Enterprise or Splunk Cloud using a bearer token.
Source connector — pulls identity and access data from Splunk into ComplianceScout where it is scored against your compliance frameworks and violation rules.
After a successful sync, the following data is available in your ComplianceScout dashboard for violation detection and reporting.
These fields are collected when you add the connector in the ComplianceScout dashboard. Secrets are encrypted at rest using AES-256-GCM and are never logged.
| Field | Type | Required | Notes |
|---|---|---|---|
| Management API URL | URL | Required | e.g. https://splunk.acme.com:8089. |
| Auth token | Secret | Required | Create an auth token in Splunk Web → Settings → Tokens. The token user needs the list_settings capability. |
Follow these steps to gather the credentials above and connect Splunk to ComplianceScout.
Log in to Splunk Web as an admin and go to Settings → Tokens → New Token.
Set the audience to "ComplianceScout", configure an expiry, and copy the token value.
Ensure the token's associated user has the list_settings and list_storage_passwords capabilities.
Find your management API URL — typically https://your-splunk-host:8089.
In ComplianceScout, go to Data & Secrets → Integrations → Add Connector → Splunk, enter the API URL and token, then click Test and Save.
Start a free trial — your tenant is provisioned instantly and you can wire up this integration from the connectors page.