https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371349#M67412 <P>Hello Team ,</P> <P>we have requirement to integrete the proofpoint threat response [ TRAP] appliance logs within splunk. i have checked and gone through documentation here and it seems we have options to integrate proofpoint email gateway and tap appliances but it seems there is no info i could find on how to integrate proofpoint Trap within spunk .</P> <P>Kindly help to understand this , may be what i suspect is all logs we can capture using proofpoint email gateway itself and trap integration is not required or there is way to integrate the trap appliances logs , i dont have much idea how proofpoint exactly functions which is causing more confusion</P> <P>Help is appreciated , currently we have proofpoint email gateway and TAP appliances and trap implemented in the organization and we are planning to integrate all 3 with splunk</P> Wed, 03 Jan 2018 17:04:00 GMT SunilMaharishi 2018-01-03T17:04:00Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371349#M67412 <P>Hello Team ,</P> <P>we have requirement to integrete the proofpoint threat response [ TRAP] appliance logs within splunk. i have checked and gone through documentation here and it seems we have options to integrate proofpoint email gateway and tap appliances but it seems there is no info i could find on how to integrate proofpoint Trap within spunk .</P> <P>Kindly help to understand this , may be what i suspect is all logs we can capture using proofpoint email gateway itself and trap integration is not required or there is way to integrate the trap appliances logs , i dont have much idea how proofpoint exactly functions which is causing more confusion</P> <P>Help is appreciated , currently we have proofpoint email gateway and TAP appliances and trap implemented in the organization and we are planning to integrate all 3 with splunk</P> Wed, 03 Jan 2018 17:04:00 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371349#M67412 SunilMaharishi 2018-01-03T17:04:00Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371350#M67413 <P>There is not currently an integration with Splunk to send the TRAP logs into Splunk. We are working on adding this in a future release but do not have a firm timeline yet. </P> <P>You are correct, only the email gateway and TAP have an integration with Splunk currently.</P> <P>You can download the APP and related TA's here-</P> <P>App:<BR /> <A href="https://splunkbase.splunk.com/app/3727/#/details">https://splunkbase.splunk.com/app/3727/#/details</A></P> <P>Gateway TA:<BR /> <A href="https://splunkbase.splunk.com/app/3080/">https://splunkbase.splunk.com/app/3080/</A></P> <P>TAP TA:<BR /> <A href="https://splunkbase.splunk.com/app/3681/">https://splunkbase.splunk.com/app/3681/</A></P> Wed, 03 Jan 2018 18:24:14 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371350#M67413 eckolp2003 2018-01-03T18:24:14Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371351#M67414 <P>Thank you . So is integrating the gateway and tap solve the issue or trap does provide significant logs which aren't captured at email gateway end . </P> <P>I mean email gateway also can send quarantine email and other logs . If you have any idea will be helpful</P> Wed, 03 Jan 2018 19:13:28 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371351#M67414 SunilMaharishi 2018-01-03T19:13:28Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371352#M67415 <P>TRAP will have just logging of incidents which are basically pulled emails related to threats. This will still only be logged in the TRAP console but you can see the TAP related events in Splunk.</P> Wed, 03 Jan 2018 21:08:24 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371352#M67415 eckolp2003 2018-01-03T21:08:24Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371353#M67416 <P>I know this is a very old thread, but I'm looking for a proofpoint TRAP add-on for Splunk. I see that the data can come in via syslog, but I'm concerned about field extractions. Is there one yet, or is there documentation for it yet?</P> Wed, 20 Mar 2019 14:44:49 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371353#M67416 manderson7 2019-03-20T14:44:49Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371354#M67417 <P>I am also looking for this, Any updates from Proofpoint on this one?</P> Thu, 31 Oct 2019 18:20:49 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371354#M67417 skyelowryvancit 2019-10-31T18:20:49Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371355#M67418 <P>Same here... Looking forward to integrate TRAP with splunk</P> Tue, 03 Dec 2019 16:38:35 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/371355#M67418 ylucena 2019-12-03T16:38:35Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/509371#M86649 <P>Just checking in to see if there has been any updates on proofpoint TRAP integration. I have been able to get the events into Splunk via syslog, but parsing is another matter. Unless I missed something I don't see any TA currently available in Splunkbase.</P> Wed, 15 Jul 2020 18:35:32 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/509371#M86649 riegelo 2020-07-15T18:35:32Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/640625#M109334 <P>Hi there,</P><P>I know it passed quite a long time, but I am struggling to import TRAP logs into Splunk too.<BR />Any news about this? Where did you set up syslog forwarding?</P><P>Thanks in advance</P> Wed, 19 Apr 2023 15:12:56 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/640625#M109334 lpino 2023-04-19T15:12:56Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/640827#M109340 <P>Hello! Any news about TRAP the integration?</P> Thu, 20 Apr 2023 12:50:02 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/640827#M109340 lpanella 2023-04-20T12:50:02Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/671264#M112518 <P>Hello, we have a requirement for this as well. Is there any update to this discussion? We have a need to integrate data sourced from ThreatResponse into our splunk solution.</P> Fri, 08 Dec 2023 14:05:13 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/671264#M112518 jbuckner85 2023-12-08T14:05:13Z https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/692359#M115105 <P>Any chance that there will be a Splunk integration for TRAP?</P> Wed, 03 Jul 2024 19:27:04 GMT https://community.splunk.com/t5/Getting-Data-In/Resource-guide-sought-for-ProofPoint-TRAP-ThreatResponse/m-p/692359#M115105 rferg06 2024-07-03T19:27:04Z