I see the following stanza in my SplunkEnterpriseSecurity app's inputs.conf file. (added by splunk professional)
What is that and where is it coming from? I can't find any details on any this input in the inputsconf documentation. https://docs.splunk.com/Documentation/Splunk/6.5.3/Admin/Inputsconf. Where would I find stuffs to read further about it?
That stanza is managed by the threat_intelligence_manager.py modular input. You can read more on the Threat Intelligence framework in Splunk ES here: http://dev.splunk.com/view/enterprise-security/SP-CAAAFBC
View solution in original post