Installation

Question about Fortinet FortiGate Add-On for Splunk in splunkbase.com platform

badr_boukari
Explorer

Hello the Team, hope you are Okey!

 

I have a question about Fortinet FortiGate Add-On for Splunk which is available in splunkbase.com platform : https://splunkbase.splunk.com/app/2846/#/details.

I am deploying a distributed Splunk Enterprise infrastructure with a Heavy Forwarder, Indexer and Search Head. I don’t know exactly in which instance I should  install the add-on?

Is it in the search Head? Should I add data input on Heavy Forwarder Instance? I didn’t really find a clear procedure for the installation and the configuration.

 

I have to implement a BOSS Of The SoC environment (so the datasets are already available on GitHub web site)

 

Thanks, In advance.

Waiting for your response,

Labels (4)
0 Karma
Get Updates on the Splunk Community!

Security Highlights: September 2022 Newsletter

 September 2022 The Splunk App for Fraud Analytics (SFA) is now Splunk SupportedUse your existing Splunk ...

Platform Highlights | September 2022 Newsletter

 September 2022 What’s New in 9.0 and How to UpgradeGet a walk through of what is new Splunk Enterprise 9.0 ...

Observability Highlights | September 2022 Newsletter

 September 2022 Splunk Observability SuiteAccess to "Classic" SignalFx Interface Will be Removed on Sept 30, ...