Tenable add-on for Splunk: How to allow full ingestion

ShaunBaker
Path Finder

I am noticing that Splunk ingestion is spotty.
For example, out of a hundred machines that have pluginID 38153 results a few days ago (verified in the SecCenter GUI),
only three of these machines/results are found in Splunk.

Is there a limits.conf or another setting that needs to be changed to allow full ingest?

0 Karma

ShaunBaker
Path Finder

I have emailed Tenable to upgrade my current Tenable login to be a valid Support Portal account. In the interim, does anyone else have experience with this limit in ingestion? The Tenable add-on does not have a limits.conf, so wondering where else these limits would be found, maybe under system/default?

0 Karma

nkeuning
Communicator

Everything should work out of the box. If you are seeing inconsistencies, please create a support case with Tenable and we can help resolve.

0 Karma