Does Splunk Enterprise  8.2.4 60 days Eval have the same limitation with the Zscaler app and Zscaler add-on like Splunk Cloud  ?   Thanks Asif ... View more

We're testing Cloud to Cloud logging zscalernss-web using HEC in trial Splunk Cloud platform. We ran into an issue configure Zscaler ADD-On for Splunk app. It keep spinning without showing any data. Is it possible related to trial account with limited functionality ? Please advice  Thanks Asif   Expected output      Thanks Asif ... View more

We're trying to configure HTTPS API feed  that will push logs from Zscaler Cloud service into an HTTPS API-based log collector on the SIEM using trail Splunk Cloud platform. Please advice    Thanks Asif ... View more

Splunk Connect for Syslog This is Splunk’s preferred method of ingesting high volumes of data. Details can be located here → https://splunk-connect-for-syslog.readthedocs.io/en/latest/ TCP Data Input Navigate to Settings -> Data Inputs -> TCP (Add new) This brings you to following screen. In this step, we will configure Splunk to listen on TCP using port 514. NSS only supports TCP, but the destination port is configurable. Most administrators use port “514” as it is the default port for UDP based syslog. After configuring SIEM port, click next   We're following the above step but not able to find TCP / UDP  configure the port to synced with Zscaler NSS. I'm logging in Splunk Cloud portal  as trial member. Could it be restriction/privilege to my trail account ?  Please advice    Thanks Asif          ... View more