All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Getting started with Nexpose Application

sammyvino
New Member
‎07-15-2014 12:37 AM

Hello there. I am new in Splunnk. I have just studied about this apps in my college study. I want to ask you about the Nexpose on Splunk. There is free and license version. I am using free vesion, but there is a problem in my app. No result found in the dashboard. The data that I used is from the tutorial from Splunk. Thank you very much for your attention. I need your help.

Tags (2)
0 Karma
Reply

Rapid7_Integrat
Engager
‎07-30-2014 08:32 AM

The Nexpose Splunk App uses a scripted input to collect data from your Nexpose console. This script is executed by Splunk on a cron which is configured by default to run at 4am each morning - therefore the dashboard will be empty until the cron executes at 4am (at which point data should appear).

If you want to execute the collection of data at a different time you have two options:
1) Change the cron and restart Splunk.
2) Run the script manually.

From version 2.0 of the Nexpose Splunk App, the Nexpose credentials are stored by Splunk which requires a session key (which is given to the script by Splunk when it is executed via the cron). When executing the script manually, follow the instructions on screen (note it requires access to Splunk's python modules) to obtain a session key.

Further to this, the Nexpose Splunk application uses reports from Nexpose which are only available in the enterprise version of Nexpose so if you are using the community edition the application will not be able to obtain data. If this is an issue, you can easily obtain a trial version of Nexpose enterprise.

0 Karma
Reply
Get Updates on the Splunk Community!

What the End of Support for Splunk Add-on Builder Means for You

Hello Splunk Community! We want to share an important update regarding the future of the Splunk Add-on Builder ...

Solve, Learn, Repeat: New Puzzle Channel Now Live

Welcome to the Splunk Puzzle PlaygroundIf you are anything like me, you love to solve problems, and what ...

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...