QEHSQEHS
Book a demo

Integrations / Observability + SIEM

Elastic

Elastic audit log stream.

Observability + SIEMGenerally availableEnterprise only

Stream audit + event logs into Elasticsearch with structured mappings.

Book a demoTalk to sales

Capabilities

  • Structured mapping
  • Optional OpenSearch variant

Setup steps

  1. Enable the Elastic connector in Settings → Integrations.
  2. Copy the QEHS metadata URL and paste it into your IdP application.
  3. Map user attributes to the required QEHS claims.
  4. Test the connection with a sandbox user.
  5. Enable for all users and verify provisioning logs.

Other Observability + SIEM connectors

Splunk

SIEM audit log forwarder.

Datadog

Logs + metrics forwarder.

Sumo Logic

Hosted SIEM forwarder.

Every integration is auditable

HMAC-signed webhooks, OpenAPI 3.1, SDKs in every major language.

Integrations layer sits on top of the same audit log your security team already reviews, nothing bypasses the tenant boundary.

See all integrationsProduct overview