Splunk Dev
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Optiv Threat Intel: Why are there no logs formed?

antifreke
Path Finder
‎02-16-2017 07:53 AM

I am having some difficulty with the OpTiv Threat Intel app and am troubleshooting why there are no logs formed. I have minimal data in the troubleshooting section that gives me the following 3 lines:

[*] Starting python threat list script. 
[*] Starting python get alerts script.
[*] Looking for old log files to clear.

I've changed these over to the full path for the Windows machine:

./bin/getalerts.py:38: splunk_home = '/opt/splunk' 
./bin/starter_script.sh:5:THREAT_SCRIPT_PATH="/opt/splunk/etc/apps/optiv_threat_intel/bin/optiv_threat_lists.py" 
./bin/starter_script.sh:6:RSS_SCRIPT_PATH="/opt/splunk/etc/apps/optiv_threat_intel/bin/getalerts.py" 
./bin/starter_script.sh:7:#LOG_FOLDER="/opt/splunk/etc/apps/optiv_threat_intel/bin/" 
./bin/starter_script.sh:8:LOG_FOLDER="/opt/splunk/var/log/splunk/" 
./bin/starter_script.sh:9:PYTHON="/opt/splunk/bin/splunk cmd python" 
./bin/optiv_threat_lists.py:64: splunk_home = '/opt/splunk'

Reset and reloaded, and nothing populates. I've uninstalled and done a clean reinstall with the same results. There are no log files created in the var/log directory to assist with trouble shooting. Any help would be greatly appreciated.

Reply

derekarnold
Communicator
‎02-17-2017 05:43 PM

There are four files to edit when using a different file path. See this other thread please:

https://answers.splunk.com/answers/374894/how-to-configure-the-optiv-threat-intel-app-on-win.html

Specifically the BAT file listed is what you'll need the path corrected.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...