Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is there any Mobile Iron device(MDM) integration documentation.

N92
Path Finder
‎01-03-2018 05:44 AM

I found some add on for dashboard. But we are facing some issue in integration like they are giving single option. How can i add multiple indexer in it.alt text

Tags (1)
Preview file
1 KB
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎01-03-2018 07:35 AM

Hi N92,
it's one year that I don't see MobileIron, but I remember that in MobileIron Appliance there's an embedded Splunk Forwarder and it must only be enabled by MobileIron Administration Console: it needs only to know Indexers, ports and use of SSL or not.
It isn't possible to configure anything else, because all the correct inputs to send logs to the MobileIron App for Splunk are correctly configurated and not modifiable.

In addition Forwarder is present only in Core and not in Sentry.
To monitor it, you have to configure this server to send logs by syslog and create your own dashboards on Splunk.

App and the few documentation is downloadable from MobileIron Support Site: one year ago documentation was very poor, but I could be not updated!

I hope to be helpful for you.

Bye.
Giuseppe

View solution in original post

Reply
Solved! Jump to solution

schandrasekar
Loves-to-Learn
‎10-13-2020 05:19 PM

Hi , 

Our existing splunk architecture UF->HF->IDx->SH

MY question here is, is that the only way to get data from MobileIron Core to splunk? How do i send the data to HF instead of IDX?

 

thanks,
Sangeetha

 

0 Karma
Reply
Solved! Jump to solution

schandrasekar
Loves-to-Learn
‎10-13-2020 05:16 PM

Hi, I have same question. Our exsiting splunk architecture UF->HF->IDX->SH. My question here, is that the only way to get data from MobileIron Core to Splunk or is there a way to send the data to HF instead of IDX

0 Karma
Reply
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎01-03-2018 07:35 AM

Hi N92,
it's one year that I don't see MobileIron, but I remember that in MobileIron Appliance there's an embedded Splunk Forwarder and it must only be enabled by MobileIron Administration Console: it needs only to know Indexers, ports and use of SSL or not.
It isn't possible to configure anything else, because all the correct inputs to send logs to the MobileIron App for Splunk are correctly configurated and not modifiable.

In addition Forwarder is present only in Core and not in Sentry.
To monitor it, you have to configure this server to send logs by syslog and create your own dashboards on Splunk.

App and the few documentation is downloadable from MobileIron Support Site: one year ago documentation was very poor, but I could be not updated!

I hope to be helpful for you.

Bye.
Giuseppe

Reply
Solved! Jump to solution

N92
Path Finder
‎01-03-2018 07:44 AM

Is there need to configure both(splunk forwarder & syslog).
What is the meaning to selecting SSL option? Means If we have enabled ssl on DS & indexers then it must be selected?

0 Karma
Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎01-03-2018 07:51 AM

Hi N92,
you can configure your forwarders to send logs using SSL or not, it depends by your requisites and by the configuration you have on your Indexers.

Only one additional detail:
You can use Forwarder on MobileIron Core and you don't need to use syslogs on it.
Instead you need to use syslogs on Sentry because there isn't an embedded Forwarder.

Bye.
Giuseppe

0 Karma
Reply
Solved! Jump to solution

N92
Path Finder
‎01-03-2018 08:20 AM

Thanks cusello.

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...