Hello Guys, I am trying to integrate DMARC with Splunk using IMAP input. Ive followed the below steps for integration. https://splunkbase.splunk.com/app/3752/ But while saving the input configuration for IMAP i am getting the below error error connecting to x.x.x.x with exception [ssl:unsupported_protocol] unsupported protocol (_ssl.c: 1091) I do not find any associated troubleshooting for the stated error(particularly for ssl.c: 1091). Also from the splunkd.log i could find this error message. Can anyone please help me in understanding what is causing the issue. I believe it is the IMAP server . Thanks in Advance for the help!!
... View more
Can anyone help me im understanding why the notable events are not getting populated on splunk enterprise security. Ive reinstalled the enterprise security app to see if that fixs the problem. But no luck. Also ive enabled the corelation searches that are shipped by default by the app. The CS search returns the event result when explicitly searched but when the scheduled toh run no notable events are generated. I manually tired creating a notable events. still i do not see any of the notable events in security posture or other tabs. To validate ive checked the notable index (i.e. index="notable") but even the notable index returns 0 events.I tried all but no luck. Can someone help we you understanding what is causing the issue
... View more