All Apps and Add-ons

Getting started with Nexpose Application

sammyvino
New Member

Hello there. I am new in Splunnk. I have just studied about this apps in my college study. I want to ask you about the Nexpose on Splunk. There is free and license version. I am using free vesion, but there is a problem in my app. No result found in the dashboard. The data that I used is from the tutorial from Splunk. Thank you very much for your attention. I need your help.

Tags (2)
0 Karma

Rapid7_Integrat
Engager

The Nexpose Splunk App uses a scripted input to collect data from your Nexpose console. This script is executed by Splunk on a cron which is configured by default to run at 4am each morning - therefore the dashboard will be empty until the cron executes at 4am (at which point data should appear).

If you want to execute the collection of data at a different time you have two options:
1) Change the cron and restart Splunk.
2) Run the script manually.

From version 2.0 of the Nexpose Splunk App, the Nexpose credentials are stored by Splunk which requires a session key (which is given to the script by Splunk when it is executed via the cron). When executing the script manually, follow the instructions on screen (note it requires access to Splunk's python modules) to obtain a session key.

Further to this, the Nexpose Splunk application uses reports from Nexpose which are only available in the enterprise version of Nexpose so if you are using the community edition the application will not be able to obtain data. If this is an issue, you can easily obtain a trial version of Nexpose enterprise.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...