Event streaming

The event streaming feature in Strivacity lets you set up integrations with supported data streaming vendors to send important events and logs to external platforms. With this feature, you can monitor, analyze, and gain insights into your instance's activities and performance using your preferred data tools.

Capabilities

Send events to external platforms
Strivacity’s event streaming capability allows you to forward different types of events to external data platforms automatically. You can choose to send:
- Audit logs: Comprehensive logs that capture administrative and system actions within Strivacity.
- Account events: Events related to customer activities, such as when a customer attempts to log in, changes their password, receives a multi-factor authentication (MFA) code, or performs other key identity-related actions.
Flexible data inclusion
You can specify native claims to include in your event payload. This makes it easy to customize the information you send to your analytics, monitoring, or security tools.
Multiple integrations
Strivacity supports multiple event streaming vendors out of the box, and you can run more than one integration at the same time if needed.
Easy configuration
Configuration for each supported vendor is done through the Admin Console. You can enable or disable streaming, provide the necessary credentials, and tailor the data that gets sent.
Resilient data delivery
A simple retry mechanism is built into the platform to handle transient network or endpoint issues.

Use cases

Security monitoring and SIEM integration
Forward events to a Security Information and Event Management (SIEM) solution such as Splunk to detect suspicious login attempts, track changes to customer accounts, or watch for anomalies in real time.
Audit and compliance
Export audit logs to Elasticsearch for long-term storage, compliance reporting, or forensic investigations. Retain a complete record of administrative changes, customer flows, and policy updates.
Operational analytics
Centralize your logs and events in an analytics platform to gain visibility into performance metrics, customer behaviors, and other operational insights.
Alerting and incident response
Trigger alerts in external tools when certain types of account or audit events occur (for example, a high volume of failed login attempts). Respond to incidents faster by correlating Strivacity events with logs from other systems.

Configuration

Event streaming configurations can be managed in the Admin Console under Instance configuration and Event streaming. From here, you can add or edit configurations for your chosen vendors.

General steps

Navigate to Event streaming
Go to Admin Console > Instance configuration > Event streaming.
Add configuration
Click +Add configuration to create a new event streaming setup.
Select a vendor
Choose Splunk or Elasticsearch.
Fill in required fields
Provide a name, description, and any required endpoint details.
Enable audit log streaming and/or account event streaming
Select which types of events you want to stream.
Include Native Claims
If you want to include specific customer attributes in the event payload, you can specify them here.
Save and enable
Select Save (and enable if not automatically enabled) to activate the streaming configuration.

For vendor-specific details, see the configuration guides for:

Next steps

Test your integration
After saving your configuration, trigger a few test events (for example, customer login) and confirm that they appear in your external system.
Create dashboards and alerts
Use Splunk dashboards or Elasticsearch/Kibana visualizations to gain insights into Strivacity events. Configure alerts based on your security or operational requirements.

Additional notes

Retry mechanism: Strivacity implements a simple retry mechanism for event delivery if the endpoint is temporarily unavailable.
Linking back to Strivacity: Each streamed event includes a unique identifier (eventID). This allows you to link back to the specific event in the Strivacity Admin Console for deeper investigation if needed.