All Apps and Add-ons
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

SA-SPLICE: Why am I getting "message from "python /opt/splunk/etc/apps/SA-Splice/bin/taxii.py" ERRORNo default database defined"?

chrisomar
New Member
‎03-30-2015 01:46 PM

Hello team,

I'm trying to get SPLICE working in Splunk, however, it's complaining about default database defined. Can someone please point me out to the right direction here.

thanks.

Tags (1)
0 Karma
Reply

cleroux_splunk
Splunk Employee
Splunk Employee
‎03-31-2015 01:55 AM

did you ran the setup to configure the mongo URI ? Everything you need should be in the embedded docs.

0 Karma
Reply

chrisomar
New Member
‎03-31-2015 08:06 AM

i did run config and i did configure the URI but I'm not sure how this works? the URI is for the mongoDB server IP? or where to poll the IOCs from the tool?

A little background, i have mongoDB in a different server - not in the search head like the docs recommend. I don't know how the communication work between the mongoDB, splunk and the tool where the IOCs are located. if you can help me understand that flow will be great.

thanks and I'm sorry for my novice in this regards.

0 Karma
Reply
Get Updates on the Splunk Community!

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureOn Demand Now Step boldly into the AI revolution with enhanced security ...

Enterprise Security Content Update (ESCU) | New Releases

In March, the Splunk Threat Research Team had 2 releases of security content via the Enterprise Security ...

Join the Splunk Developer Program Hackathon: Splunk Build-a-thon!

The Splunk Developer Program is launching in beta, and we’re celebrating with an exciting hackathon! This is ...
Top