Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do you deploy Splunk ProofPoint Add-in?

marlongarcia
New Member
‎09-24-2018 05:03 PM

Hi All -

I'm new with Splunk and currently just started learning the Fundamentals. I just received a request to setup and configure ProofPoint RSyslog in Splunk.

Hoping to give me more information and instruction how to setup the Proofpoint add-in in Splunk.

Thank you in advance and any inputs and suggestion is highly appreciated.

0 Karma
Reply

adonio
Ultra Champion
‎09-24-2018 05:34 PM

Hello and Welcome to Splunk!
start with a little reading on the ProofPOint Side:
https://www.proofpoint.com/us/technology-partners/splunk
then dive in to how the app integrates: (there are 2 add-ons and i always forget which one trumps)
https://splunkbase.splunk.com/app/3080/#/details - this one i think works with syslog
https://splunkbase.splunk.com/app/3681/ - this one is with API Modular Input
enjoy answers from other members asking the same question you do:
https://answers.splunk.com/answers/405250/how-to-pull-logs-into-splunk-from-proofpoint-via-a.html

hope it helps and enjoy the journey!

0 Karma
Reply

marlongarcia
New Member
‎09-24-2018 06:04 PM

Thank you Adonio for the links. Will definitely check this and keep you posted.

Hopefully I can successfully setup the PP in Splunk.

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...