×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Jjza
New Member
Member since: ‎11-30-2012
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎11-30-2012
Activity Feed
Topics I've Started
No posts to display.
View All

Re: RSA envision SIEM integration

by in All Apps and Add-ons
‎03-14-2016 04:39 AM
1 Karma
‎03-14-2016 04:39 AM
1 Karma
Events within RSA enVision can output directly to a flat file by way of the “lsdata” command. Based on specific criteria passed with the lsdata command, events collected are presented in a syslog formatted log file. Example: lsdata –events syslog –time start now >> log.unx After that you can have these files be picked up by Splunk UF/HF and forward them to your Splunk index. /D ... View more

Re: Integrate Splunk with RSA

by in Deployment Architecture
‎08-24-2014 03:51 AM
‎08-24-2014 03:51 AM
lsdata is your friend, I managed to use it successfully to export Cisco ASA logs (intact), save them to a local file on the enVision appliance and then pull them from the Splunk server side via SMB file share. This involves batch jobs on both sides. https://community.emc.com/thread/153234 ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM