All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Cisco AMP for Endpoints Config

merzinger
Splunk Employee
Splunk Employee
‎05-07-2021 10:06 AM

I am configuring the Cisco AMP for Endpoints input on our IDM instance.  When creating the input I am not able to specify the desired index for the data to go into.  My only options are main, summary, and history.  How do I specify my index?

Labels (1)
Labels
Tags (1)
0 Karma
Reply

merzinger
Splunk Employee
Splunk Employee
‎05-07-2021 11:24 AM

How would that allow me to specify an index?  The splunkbase app appears to not allow that.

0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎05-07-2021 10:39 AM

Hi merzinger!
Have you tried to put the input into a private app and upload it? You need to pass the vetting but it should work. 

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...