I have installed ThreatConnect in my lab environment and after initial configurations setting , no logs were indexed.
Could it be a case of python script error as i couldn't see any "ThreatConnect" reference in splunkd.log?
i have digged a bit more into this, and what i could find is, the python script "ThreatConnect.py" in the app folder isn't executing. This script should fetch the logs from threatconnect web site. Whenever i try to run the script manually it says "importError: No module named 'threatconnect'". Im running the script from the right path and using python version 3. Can anyone suggest what's going wrong here?