Hi @Ryutata,

You can integrate A360 with SIEM, audit logs can be sent to analytic tools, such as Splunk, Qradar, Sumologic, and ArcSight and view audit logs on Splunk dashboards.

According to the release notes, Splunk integration is supported from version:
https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/release-notes/release-automation-360-v23.html

You have to add a Data input in Splunk and configure a instance to listen on TCP/UDP port to capture the data, once you have Splunk configured and ready, you can configure A360 with SIEM integration as below. 

1. Log in to the control room with Admin credentials and navigate to Settings->Syslog
2. Add the Splunk Server Host , Port, Protocol  and save.

Here is the documentation on Configuring integration with SIEM:
https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/control-room/administration/settings/cloud-siem-integration-configuration.html

Hope this helps!

Thanks. 

@Ryutata  You have to install splunk forwarder into your control room server and configure log path in splunk header… 

Hi @ravi.pothana,

Thank you for letting me know.
Are SIEM integration features available in the cloud deployment model?

<Deployment model>
https://docs.automationanywhere.com/ja-JP/bundle/enterprise-v2019/page/enterprise-cloud/topics/security-architecture/cloud-automation-anywhere-enterprise-overview.html

Hi @Ryutata

Yes, SIEM integration features are available in cloud deployment. 

For cloud deployment model, you have to ensure IP address of cloud Control Room is whitelisted on SIEM server based on Region in customer infrastructure. 
https://docs.automationanywhere.com/bundle/enterprise-v2019/page/enterprise-cloud/topics/control-room/git-integration/cloud-git-whitelisted-nat-ips.html 

Thanks!

Hi @ravi.pothana 
Thanks for letting me know. I really appreciate your help.