How to get Qualys knowledgebase data into splunk i...

All Apps and Add-ons

Hi All,

I am integrating Qualys with splunk to get the VM data.I installed Qualys add on on HF and SH, and enabled host_detection input on HF nad knowledge_base input on SH.I am successfully getting host_detection data into main index .When script runs for knowledgebase data,first it is adding to tmp directory in ADD-ON folder and updating lookup table qualys_kb.csv but not into main index.Can you let me know where i am missing?i couldnot see any errors on /opt/splunk/var/log/splunk/ta_qualyscloudplatform.log and splunkd.log.
INput on HF
[qualys://host_detection]
duration = */10 * * * *(for every 10 min for testing )
index = vulnerability
start_date = 2109-09-01T00:00:00Z
disabled = 0
Input on SH
[qualys://knowledge_base]
duration = */15 * * * *(for every 15 min for testing)
index = vulnerability
start_date = 2019-09-01T00:00:00Z
disabled = 0

Can you help me out ?

Get Updates on the Splunk Community!

How to get Qualys knowledgebase data into splunk index after qualys_kb.csv lookup getting updated?

Strengthen Your Future: A Look Back at Splunk 10 Innovations and .conf25 Highlights!

Now Offering the AI Assistant Usage Dashboard in Cloud Monitoring Console

Stay Connected: Your Guide to October Tech Talks, Office Hours, and Webinars!

Are you a member of the Splunk Community?

How to get Qualys knowledgebase data into splunk index after qualys_kb.csv lookup getting updated?

Strengthen Your Future: A Look Back at Splunk 10 Innovations and .conf25 Highlights!

Now Offering the AI Assistant Usage Dashboard in Cloud Monitoring Console

Stay Connected: Your Guide to October Tech Talks, Office Hours, and Webinars!