Would you be able to add SNMPv3 support? The current RSA Authentication Manager Virtual Appliance (8.1) only supports SNMPv3
Trying get our new appliances logging in splunk and would like to use this app - any progress on snmpv3 support?
Finally got access to the logs from a new RSA appliance and in the process of updating the app however I doubt SNMPv3 will be part of the update since I do not have access to walk the device, however if you are willing to assist with supporting that integration (some simple testing) then email me at the address posted in one of my answers within this thread and I'd be glad to work on that.
We went with the Syslog option.
The new 8.1 RSA appliance supports syslog as well as SNMP. Authentication logging will be sent to the syslog server as well as stored locally. The app can likely be used for Splunk to properly parse/transform the data since it is only CSV formatted and does not use name=value pairing.,The new 8.1 RSA appliance supports syslog as well as SNMP. The server will send syslog as well as write to local disk.
d3, new to Splunk. Can you be more specific in setting up Splunk to receive from RSA appliance? UDP vs. TCP, sourcetype, etc.? Thanks
@mdoering ... send me an email joshd blank joshd space ca ...and we can discuss what you need.
replace blank with a @ and space with a . 🙂
@joshd thumbs up
Also curious about this as well. Any plans to add this support?
Thanks,
Jon
This app is due for a much needed overhaul as a whole... altho I lack access to the devices anymore to do testing. Are you able to provide some assistance with sample data and such? If so, please email me at the email address above and I can get moving on things. Thanks!