Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Import Websense data to Splunk

sanderp
New Member
‎11-15-2011 12:03 PM

Has anyone added Websense data to Splunk and would you mind sharing that process?

0 Karma
Reply

Conradj
Path Finder
‎10-06-2015 06:07 PM

Triton integrates with 3rd party SIEM by configuring it to send a syslog feed (TPC or UDP) as key-value pairs to splunk.

Would you rather stream to a syslog server and have splunk tail the resulting file? (better i guess?)

0 Karma
Reply

araitz
Splunk Employee
Splunk Employee
‎11-15-2011 02:13 PM

The recommended approach is to scrape the Websense MSSQL database, specifically the log tables, using a scripted input that outputs the contents of these tables to an appended log file that Splunk indexes.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

SplunkTrust Application Period is Officially OPEN!

It's that time, folks! The application/nomination period for the 2026-2027 SplunkTrust is officially open. If ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...