Splunk Enterprise Security

Is there an alternate app available for SCCM since SCCM App for Splunk is not compatible with 6.4?

We are planning to upgrade our Splunk core from 6.2.2 to 6.4.x and Enterprise Security App as well which has dependency with SCCM App for Splunk in our environment.

But the only available app for SCCM is Version v1.0, which is not compatible with Splunk core 6.4.x

So, the requirement is to know about any alternate app for SCCM which is supported by Splunk core 6.4?

Existing SCCM app# 2750

Link: https://splunkbase.splunk.com/app/2750/

Splunk Employee
Splunk Employee

I just briefly examined the app contents. All of the work is done via a set of DB Connect inputs. Nothing else in the app's conf files leads me to believe you would have any backward compatibility issues, but this was a quick review only so YMMV.

It would certainly be nice to see an updated version, but I know from experience that Splunkbase and the In-App-Browser (the feature that lets you install apps from within the web UI) are being "quite conservative" here when it comes to compatibility statements.

0 Karma

Splunk Employee
Splunk Employee

Hi Gopi_universal,

I think the Splunk Add-on for Microsoft SCOM might be an alternative to SCCM App:
https://splunkbase.splunk.com/app/2729/

This is a Splunk supported that allows a Splunk software administrator to collect data from Microsoft System Center Operations Manager using PowerShell scripts.
Hope it helps. Thanks!
Hunter

0 Karma

Path Finder

Hi Hunters,

with SCOM i should receive also the logs from the microsoft endpoint protection right?

0 Karma

Splunk Employee
Splunk Employee

Hey @hunters, I'm afraid this is not correct. SCOM is a totally different product than SCCM.

0 Karma

Explorer

Hi

Did you find a solution for this.

0 Karma

Path Finder

Hi,

have you found a solution for this? I need to receive logs from the endpoint protections into splunk...

THanks in advqnce

0 Karma

Motivator

Hi

Has anyone found a solution for this

0 Karma