I have a pcap with DNS traffic that I want to analyze. I downloaded the 'Stream Examples' app and the main Splunk App for Stream. There is a Stream Replay input option which I pointed at my .pcap b...
I need help installing a Python script to call the FireEye HX API and GET all HX JSON data (more data than collected from the FireEye App and Add-on for Splunk Enterprise) into Splunk.
I got an a...
Hey all,
Looking for any better documentation/steps on integrating the Splunk Stream app with Enterprise Security.
Running Stream v. 7.1.1
Running Enterprise Security v. 4.7
OS/Environment: A...
...EnterpriseSecuritySuite) from etc/shcluster/apps to etc/apps folder. Ran the upgrade command – (/opt/splunk/bin/splunk install app ./splunk-enterprise-security_620.spl -update 1). Ran the essinstall command as per the install...
I am trying to setup a test environment so I can practice the new SPL that I am learning. I am trying to work with botsv1. I have downloaded and installed Splunk Enterprise along with the Splunk...
We have a very small test environment, with a single-instance Splunk server (running on Linux) and a handful of Windows servers with UFs installed. I'm attempting to use Splunk Stream to monitor N...
...onfigures inputs.conf to monitor some basic Windows event logs (e.g. System, Security, Application).
Both of the troublesome forwarders are on machines in a DMZ and were installed by the same p...
...latform (cannot install syslog-ng). SC4S runs on a CentOS Stream 8 server in a Podman container. Now, for the Vectra-specific part: 1) Should I use Cognito Stream to send syslog to SC4S and if yes in s...