All Apps and Add-ons

Splunk App for PCI compliance - Splunk Enterprise: Is there an option to automatically update the assets and identities lookups without running an LDAP search?

amulay26
Path Finder

I have the assets and identities list configured using LDAP search. Is there an option to automatically update the assets and identities lookups without running that LDAP search?

Any insights will be appreciated.

Thanks

0 Karma

rvany
Communicator

These lists are lookup tables. You could update them just like any other lookup table - but, somehow you have to get the data. LDAP is one option for identities, CMDB is one option for assets.

0 Karma
Get Updates on the Splunk Community!

Routing Data to Different Splunk Indexes in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...

Getting Started with AIOps: Event Correlation Basics and Alert Storm Detection in ...

Getting Started with AIOps:Event Correlation Basics and Alert Storm Detection in Splunk IT Service ...

Register to Attend BSides SPL 2022 - It's all Happening October 18!

Join like-minded individuals for technical sessions on everything Splunk!  This is a community-led and run ...