All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

how do I get splunk to work for my at&t uverse,i downloaded the splunk app and tried to open it and it wont...how do I gert it to work with splunk?

rodimusprime
New Member
‎09-21-2016 09:01 PM

I downloaded splunk to a separate computer, I want it to monitior my private network, so I also downloaded the at&t splunk app..I opened it and a small window briefly pops up then disappears...how do I get this thing to work for me?

0 Karma
Reply

japger_splunk
Splunk Employee
Splunk Employee
‎09-22-2016 05:36 AM

Unfortunately, there are many AT&T U-Verse modems being used and they utilize differing types and formats of data. The modem version (hardware/software) that the App supports and hints regarding the setup are detailed in the README.txt file. If you have the same modem or the modem uses the same logging format, you should be able to following the modem config instructions (README.txt also) to send the syslog messages to your Splunk instance. It is worth noting that the default port that the app uses is UDP:912 but you change change this by modifying the inputs.conf file. Everything else is taken care of for you. All searching within the app is based on sourcetype=u-verse.

0 Karma
Reply

japger_splunk
Splunk Employee
Splunk Employee
‎09-22-2016 05:35 AM

Unfortunately, there are many AT&T U-Verse modems being used and they utilize differing types and formats of data. The modem version (hardware/software) that the App supports and hints regarding the setup are detailed in the README.txt file. If you have the same modem or the modem uses the same logging format, you should be able to following the modem config instructions (README.txt also) to send the syslog messages to your Splunk instance. It is worth noting that the default port that the app uses is UDP:912 but you change change this by modifying the inputs.conf file. Everything else is taken care of for you. All searching within the app is based on sourcetype=u-verse.

Reply
Get Updates on the Splunk Community!

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...

Reminder! Splunk Love Promo: $25 Visa Gift Card for Your Honest SOAR Review With ...

We recently launched our first Splunk Love Special, and it's gone phenomenally well, so we're doing it again, ...