All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk App for CEF

knutm
Engager
‎09-01-2021 02:47 AM

I can see that the Splunk App for CEF is announced EOL.

Is a new app coming or has it been renamed or rebranded?

Does anyone know of any other app that do the same job?

 

https://docs.splunk.com/Documentation/CEFapp/2.3.0/ReleaseNotes/Newfeatures

Labels (1)
Labels
Reply

moore4708
New Member
‎10-28-2021 05:15 AM

We have a similar issue.  Splunk support did not have an answer.

One possible solution might be "CEF Extraction Add-on for Splunk"

https://splunkbase.splunk.com/app/487/

I have not found documentation on it and it is not supported by Splunk.

I have also see references to a partial solution using some changes to the configuration on the splunk agent side.

With Splunk sending their CEF product EOL, I am surprised they don't have a corporate recommendation.

Anyone have more concrete solutions?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...