Arrcoding to your guide "http://docs.splunk.com/Documentation/ES/4.7.2/Admin/Addthreatintelcustomlookup", I can upload my TI csv into the Splunk host and let the ES to lookup it.
May I know if there is a file size limit (50Mb) of this csv? Is it possible to modify the configuration to increase the file size limit. say 100Mb, and if yes, how to do that. Thanks.
... View more
Can I Install Splunk Enterprise as a non-root user, run Splunk Enterprise as a non-root user, as well as listen directly on a port below 1024?
... View more