All Apps and Add-ons

Does the Technology Add-on for RSA SecurID support using the RSA SecurID Application for Splunk for reports?

nychawk
Communicator

Hello;

I've just installed "Technology Add-on for RSA SecurID" https://splunkbase.splunk.com/app/2872 on my syslog server (running a Universal Forwarder, that is pulling RSA logs from /var/adm/message, a to-do is to stuff RSA SecurID logs into a separate file). I've also installed on my indexers and search heads.

I am seeing sourcetypes:

rsa:runtime
rsa:system
rsa:admin

I was wondering if this add-on supports using the "RSA SecurID Application for Splunk" for reports (https://splunkbase.splunk.com/app/822) This app uses snmp to extract data, and I am unable to see where, or how, to alter it to use syslog instead.

Thank you,

-mi

0 Karma

joshd
SplunkTrust
SplunkTrust

Hi nychawk,

No it currently does not since the RSA app has not been updated in quite some time. I am however working on that as we speak and hope to have it updared/supported by early next week. I will post for you here when I am done.

Thanks,
Josh

0 Karma

casey18cc
Explorer

Just stumbled across this as I just implemented your TA. Has there been any updates on making the TA and Splunk for RSA compatible?

Thanks,

Casey

0 Karma

nychawk
Communicator

Thank you Josh, I can offer up myself to test if needed.

Regards,

-mi

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.