Splunk Enterprise Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

how to integrate with splunk and alienvault ?

zippyopsadmin
New Member
‎09-24-2019 01:17 AM

AlienVault Ossim App by A3SEC
i just install the app and follow the document but i didnt get the dashboard same as alien vault to splunk
what can i do?

0 Karma
Reply

adonio
Ultra Champion
‎09-24-2019 08:45 PM

seems like a legacy app, if you look at the notes, it says you need Sideview Utils for the app, which makes me guess it uses Advanced XML which was depreciated probably 2 or 3 years ago ...
if the data is fine, and you can see it and work with it, i suggest that you will build your own dashboards.
you can always look at the source code of the views / dashboards and see what searches are running underneath

good luck

0 Karma
Reply

zippyopsadmin
New Member
‎09-25-2019 04:33 AM

Yes thank you for your response ,I am not expecting this answer, ok I just copy the alien valut syslog file and upload my file in splunk server and overwrite the ossim_internal source type these are all done means i am getting the a3sec app dashboard

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk App for Anomaly Detection End of Life Announcment

Q: What is happening to the Splunk App for Anomaly Detection?A: Splunk is officially announcing the ...

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...