All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Cisco AMP for Endpoints Config

merzinger
Splunk Employee
Splunk Employee
‎05-07-2021 10:06 AM

I am configuring the Cisco AMP for Endpoints input on our IDM instance.  When creating the input I am not able to specify the desired index for the data to go into.  My only options are main, summary, and history.  How do I specify my index?

Labels (1)
Labels
Tags (1)
0 Karma
Reply

merzinger
Splunk Employee
Splunk Employee
‎05-07-2021 11:24 AM

How would that allow me to specify an index?  The splunkbase app appears to not allow that.

0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎05-07-2021 10:39 AM

Hi merzinger!
Have you tried to put the input into a private app and upload it? You need to pass the vetting but it should work. 

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

New Case Study: How LSU’s Student-Powered SOCs and Splunk Are Shaping the Future of ...

Louisiana State University (LSU) is shaping the next generation of cybersecurity professionals through its ...

Splunk and Fraud

Join us on November 13 at 11 am PT / 2 pm ET!Join us for an insightful webinar where we delve into the ...

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...