All Apps and Add-ons

DenyAll Application Security Dashboard configure

ovp
New Member

Hi,

How to configure Splunk in Denyall.

I need to install at Denyall server and which path need to install?

Can i get the manual

0 Karma

desmondw_splunk
Splunk Employee
Splunk Employee

Hi,

It's good to install Splunk Enterprise on server separately from DenyAll server.
The path to install Splunk Enterprise can be default or changed during installation process.

After installation of DenyAll app into Splunk Enterprise, I'd highly recommend you to ensure the sysylog port 514 (UDP) is opened in Splunk server, as DenyAll server will send syslog events using port 514 (as I noticed that I can't changed the Port in DenyAll console).
The dashboard and events will not work in Splunk due to inability to open port 514 in Splunk server, especially on CentOS or Linux, due to inability to open port 514 if you run/start Splunk using non-root user.

All the best. Cheers !

0 Karma
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...