All Apps and Add-ons

Error "snapshot download failed. reason=optic_client> Failed to retrieve snapshot url: cannot find the snapshot"

nareerat_pr
Explorer

I was trying to install the Anomali ThreatStream Community App but get the following errors:

"snapshot download failed. reason=optic_client> Failed to retrieve snapshot url: cannot find the snapshot"

how do I fix it?
(I'm using the ThreatStream OnPrem product.)

0 Karma
1 Solution

mkanomali
Engager

The Anomali ThreatStream App for Splunk does not support direct connections to ThreatStream On Prem appliances. On Prem appliances lack the capability to create IOC snapshots and require an Anomali Integrator instance to act as a go between for integrations. Integrator will download the relevant IOCs and ThreatModels to create snapshots for other integrations.

If you need any help setting up Integrator, you can find the binaries/admin guide at https://ui.threatstream.com > Downloads. Alternatively, you can reach out to your Anomali support team if you have any additional questions

View solution in original post

0 Karma

mkanomali
Engager

The Anomali ThreatStream App for Splunk does not support direct connections to ThreatStream On Prem appliances. On Prem appliances lack the capability to create IOC snapshots and require an Anomali Integrator instance to act as a go between for integrations. Integrator will download the relevant IOCs and ThreatModels to create snapshots for other integrations.

If you need any help setting up Integrator, you can find the binaries/admin guide at https://ui.threatstream.com > Downloads. Alternatively, you can reach out to your Anomali support team if you have any additional questions

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...