Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Getting error “Connect to 127.0.0.1:9999 failed. Connection refused“ when I start the Kaspersky Threat Feed App for Splunk

xtlyk
New Member
‎07-20-2016 02:27 AM

Hi everyone,

i have installed the Kaspersky Threat Feed App for Splunk, but I'm getting error:

Connect to 127.0.0.1:9999 failed. Connection refused

in splunkd.log. I can't see any data in Splunk Web.
Can you help me? Thank you
alt text

Preview file
1 KB
0 Karma
Reply

KasperskyLab
New Member
‎09-19-2016 03:44 AM

Hello, xtlyk!

Miteshvohra is right!
Please contact Kaspersky Lab to get Kaspersky Threat Feed Service (KTFS) and access to Threat Intelligence Data Feeds: https://www.kaspersky.com/enterprise-security/intelligence-services

The reason you got this error, because Kaspersky Threat Feed App for Splunk requires KTFS to be launched on you Linux system.

Please let us know if you have any question.
Thank you!

0 Karma
Reply

miteshp250283
Path Finder
‎05-19-2017 05:57 AM

@KasperskyLab: Any plans to release a working copy of app including the scripts and sample data?

We have prospect customers who are looking out for Kaspersky TDF and Splunk Enterprise Security integration.

Appreciate if you can upload the full version to Splunkbase.

Thanks, Mitesh.

0 Karma
Reply

KasperskyLab
New Member
‎05-23-2017 05:37 AM

Hello Mitesh,

Please note that according to Splunkbase guideline, we can’t upload any binary (such as Kaspersky Threat Feed Service) other than App for Splunk. Thus, please contact our team responsible for security services – intelligence@kaspersky.com (please specify you are from Splunkbase). They will provide you with the full package to integrate Kaspersky Threat Data Feeds with Splunk.
Feel free to ask any question you have.

Thank you in advance.
Best regards, Kaspersky Lab.

0 Karma
Reply

miteshvohra
Contributor
‎09-02-2016 12:58 AM
  1. The documentation of the App states : BEFORE YOU START USING THE APPLICATION, PLEASE CONTACT KASPERSKY LAB TO GET KASPERSKY THREAT FEED SERVICE AND ACCESS TO KASPERSKY THREAT INTELLIGENCE DATA FEEDS.

Kindly reach out to anyone in Kaspersky Lab team in your region for obtaining trial access to the feed service.

  1. Kaspersky Threat Feed App for Splunk and Feed Service have the following system requirements.

Supported operating systems: Linux x64
Software requirements: Splunk 6.2+ & Python 2.6, 2.7

Source URL: https://help.kaspersky.com/KFS/1.0/en-EN/98426.htm

Make sure your system meets the stated requirements.

Please share your experience.

Mitesh.

Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...