Re: McAfee DB Mon REST API Integration not showin...

deepan1n1 · ‎08-12-2015

I am trying to add McAfee DM Mon tool to Splunk via REST Data Input (XML format). I have the index created, all the fields on UI is filled in (url/basic auth/usrname/auth passwd/sourcetype/index ..etc). But no data is being seen in search. Is there any config file I need to be looking into ?

deepan1n1 · ‎08-14-2015

Managed to sort this out. Apparently there was proxy field to be filled in which I wasn't told before.

mreynov_splunk · ‎08-12-2015

what do you mean when you say " all the fields on UI is filled in"? - are you seeing data?
I would try a couple of things:
1. are you seeing errors in index=_internal? are you sure something is coming back from your API calls? Can you try to hit it directly and get results?
2. if the answer to the above is yes, check permissions for your knowledge bundles

McAfee DB Mon REST API Integration not showing results ?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

Join the Conversation