Hello All, I have set up the Splunk Add-On and Splunk App for Unix and Linux. Data is flowing properly however I am having an issue with alerts. I am trying to set up alerts for various things to s...
Hello, When I try to open the Splunk Add-on for OSSEC application from the APP menu, it gives me a 404 Error Not Found. I removed the folder from addons and installed again but the problem is the same.
Hi, We recently updated the technology add-on for Armis in Splunk IDM, but after the update, it's no longer generating any alerts. Could you please provide guidance on troubleshooting this issue?
Hi, I am trying to troubleshoot the Splunk Add-on for Microsoft Cloud Services. I checked at the following location but could not get any data. Checkpoint Directories Azure Storage Blob $SPLUNK...
While configuring an S3 input in the Splunk Add-on for AWS, I received an error message stating that "SSL Validation failed" because the VPC S3 Endpoint did not match a series of S3 bucket endpoint n...
...rocess this information or have the Splunk OSSEC add-on properly configured because we have the path on the Splunk server, but not fully configured: /opt/splunk/etc/apps/Splunk_TA_ossec/ What we n...
Hi all,
Recently I've upgraded all Splunk deployment tiers (search head, Indexer and Heavy Forwarder) and we are collecting Windows events by the Splunk_TA_windows add-on.
Before the upgrade, W...
I have configured the Splunk Add-on for Google Workspace on a Heavy Forwarder that is performing data collection and then forwarding the data to Splunk Cloud.
We followed the instructions at...
...his sourcetype?
Is there any way to have Splunk look at data coming from source=/var/ossec/logs/alerts/alerts.log and change source type from ossec_alerts to linux:audit?
Or should I add ossec...