Splunk Crowdstrike Logs Ingestion

sahiltcs
Hello Team,
 
We have installed CrowdStrike Add-on 1.0.7 and ingested the logs via API in Splunk. The challenge we are facing is that every week the logs stop reporting to Splunk and we need to manually refresh the connection from Splunk. Can you please help us understand why this issue is happening?
 
Is there any bug in the add-on, or do we need to set a limit in the CrowdStrike add-on to refresh the connection?
 
Thanks,
Sahil  