Hello, we have a requirement for this as well. Is there any update to this discussion? We have a need to integrate data sourced from ThreatResponse into our splunk solution. ... View more

Hi Chris,  Can u assist with the steps (troubleshooting efforts) you have taken to integrate the proofpoint cloud logs ... View more

After configuring pps and receiving data: Data input -> Proofpoint TAP SIEM Modular Input Name, Principal,Secret, Siem url host=tap-api-v2.proofpoint.com Sourcetype=proofpoint_tap_siem index (we were limited in choices for some reason, which caused us to update the macro set up in pps config) ... View more

The next version of the app will correct some of the broken reports. For now, you are welcome to edit the search query as needed. ... View more

Please follow this guide: https://splunkbase.splunk.com/app/3727/#/details You should be installing this both on the search head and a heavy forwarder. You do not need to edit the conf file if you do this. ... View more

Hi, Could be data-model acceleration problem. If it is newly installed add-on, kindly check whether the data-model is accelerated 100%. Please also check your indexer name is matching with your data-model constrain macro. By default that macro takes index=main, if it is different index, then please update with your latest index details to data get populated. Thanks. ... View more

Thanks Mary. This code change should occur in a future version release to permanently correct this issue but your method is a valid work around for now. ... View more

Thank you so much. It's a big help. I have been searching for days to resolve this issue. ... View more

Proofpoint now has a beta app that will allow you report on and visualze your Proofpoint Protection Server and TAP data! Check out the new app here: https://splunkbase.splunk.com/app/3727/#/details Be sure to follow the instructions listed in the details to get all the needed TA's etc that the app needs to work correctly. ... View more

Proofpoint now has a beta app that will allow you report on and visualze your Proofpoint Protection Server and TAP data! Check out the new app here: https://splunkbase.splunk.com/app/3727/#/details Be sure to follow the instructions listed in the details to get all the needed TA's etc that the app needs to work correctly. ... View more

Proofpoint now has a beta app that will allow you report on and visualze your Proofpoint Protection Server and TAP data! Check out the new app here: https://splunkbase.splunk.com/app/3727/#/details Be sure to follow the instructions listed in the details to get all the needed TA's etc that the app needs to work correctly. ... View more

Proofpoint now has a beta app that will allow you report on and visualze your Proofpoint Protection Server and TAP data! Check out the new app here: https://splunkbase.splunk.com/app/3727/#/details Be sure to follow the instructions listed in the details to get all the needed TA's etc that the app needs to work correctly. There are pre-built dashboards to aid in searching for message events. ... View more