Solved: Splunk Add-on for Check Point OPSEC LEA Linux Conf...

a599korg · ‎09-16-2014

I have got to page 31 in the documentation (configuring the LEA client using the command line) - Working off a linux HWF Server.
Step2 Edit opsec.conf
Which should be $SPLUNK_HOME/etc/apps/Splunk_TA_opseclea_linux22/local/opsec.conf
But there is no local folder and no opsec.conf.
I have checked the download and it doesn't include the local folder or the opsec.conf file.
Does anyone know why these are missing?

MarioM · ‎09-22-2014

In this case you must create the local directory, then create the opsec.conf file inside this directory.

Finally you must add the domain stanza to the opsec.conf file, as detailed in the docs.

A note has been added to the doc to reflect that http://docs.splunk.com/Documentation/OPSEC-LEA/2.1/Install/ConfiguretheLEAclient#Step_2._Edit_opsec....

View solution in original post

MarioM · ‎09-22-2014

In this case you must create the local directory, then create the opsec.conf file inside this directory.

Finally you must add the domain stanza to the opsec.conf file, as detailed in the docs.

A note has been added to the doc to reflect that http://docs.splunk.com/Documentation/OPSEC-LEA/2.1/Install/ConfiguretheLEAclient#Step_2._Edit_opsec....

Splunk Add-on for Check Point OPSEC LEA Linux Configuration: Where is the local folder and opsec.conf?

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join the Conversation

Splunk Add-on for Check Point OPSEC LEA Linux Configuration: Where is the local folder and opsec.conf?

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk