Learn how Splunk works with UBbox, and how to gain access.
When a restricted data folder is approved and provisioned, monitoring via Splunk is also established and access to Splunk is given to the restricted data stewards or their designees/data users. UBIT provides data stewards with a default monitoring configuration consisting of a Splunk dashboard and set of email alerts.
It is the restricted data steward's responsibility to use the Splunk monitoring provided to insure security of restricted data. The data steward may modify the monitoring configuration, but modification must be approved by the security/privacy official associated with the restricted data.
Splunk logs all access to sensitive data. For each access event, the minimum following information will be logged:
The following restricted data access events will be logged and will produce alerts (email) sent to the data stewards and security/privacy officials:
Access to Splunk is provided by CIT upon approval for storing restricted data in Box and when the restricted data folder is established. Credentials are UBITName and password. Each data steward will be provided their own dashboard.