Solved: How to get Access logs from RedCloud Security Appl...

fatemabwudel · ‎07-08-2016

Hi,

As the question describes, I would like to know if there's a way to get the access logs from RedCloud Security appliance. All we have is a black box with a web interface to control that box.
I know there has to be a way, because on the main page, we have an option of "Splunk URL", but no documentation is available to see what URL to put in (master, indexer, or forwarder?) and how to configure Splunk (port 9997, 514 or something else?) to receive the logs from that box.

Any help would be greatly appreciated.

Thanks.

fatemabwudel · ‎07-15-2016

Okay, so I finally figured it out.
RedCloud no more support Splunk integration and the field "Splunk_URL" it's no longer enabled for the current version 5.x.x of the appliance, they have disabled it because of some issue with Splunk integration and will no longer be available for future releases until their engineers find a way to fix it.
In fact for the previous versions, when it was enabled, you would require a license from the vendor to use that feature if you are using an old version of the appliance.

View solution in original post

fatemabwudel · ‎07-15-2016

Okay, so I finally figured it out.
RedCloud no more support Splunk integration and the field "Splunk_URL" it's no longer enabled for the current version 5.x.x of the appliance, they have disabled it because of some issue with Splunk integration and will no longer be available for future releases until their engineers find a way to fix it.
In fact for the previous versions, when it was enabled, you would require a license from the vendor to use that feature if you are using an old version of the appliance.

How to get Access logs from RedCloud Security Appliance

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life