Re: Does the Technology Add-on for RSA SecurID sup...

nychawk · ‎09-10-2015

Hello;

I've just installed "Technology Add-on for RSA SecurID" https://splunkbase.splunk.com/app/2872 on my syslog server (running a Universal Forwarder, that is pulling RSA logs from /var/adm/message, a to-do is to stuff RSA SecurID logs into a separate file). I've also installed on my indexers and search heads.

I am seeing sourcetypes:

rsa:runtime
rsa:system
rsa:admin

I was wondering if this add-on supports using the "RSA SecurID Application for Splunk" for reports (https://splunkbase.splunk.com/app/822) This app uses snmp to extract data, and I am unable to see where, or how, to alter it to use syslog instead.

Thank you,

-mi

joshd · ‎09-10-2015

Hi nychawk,

No it currently does not since the RSA app has not been updated in quite some time. I am however working on that as we speak and hope to have it updared/supported by early next week. I will post for you here when I am done.

Thanks,
Josh

casey18cc · ‎12-28-2015

Just stumbled across this as I just implemented your TA. Has there been any updates on making the TA and Splunk for RSA compatible?

Thanks,

Casey

nychawk · ‎09-10-2015

Thank you Josh, I can offer up myself to test if needed.

Regards,

-mi

Does the Technology Add-on for RSA SecurID support using the RSA SecurID Application for Splunk for reports?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Index This | What travels the world but is also stuck in place?

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

Join the Conversation