Archive

,Eventgen.conf file for different splunk-apps

Engager

Hello everyone,

Do we have to create a eventgen.conf file for all apps. Or, does it automatically come under the relevant apps when the apps are installed? For example, i've installed SplunkAppForFortinet with add-on and cisco_ios apps with add-on. There is a eventgen.conf file in the TA-cisco_ios/default but there is no eventgen.conf in the splunk_TA_fortinet_fortigate.

Could you please help me to find what is the problem?

SplunkTrust
SplunkTrust

Not all apps include eventgen configs. For those that lack it, it is up to you to create it.

---
If this reply helps you, an upvote would be appreciated.
0 Karma