I am running Splunk Version 6.5.0 on Linux
I have installed Cisco AMP for Endpoints Events Input (https://splunkbase.splunk.com/app/3670/) on my indexer and filled out the configuration field with my API host , API id, and API key. However, when I go to the "new inputs" tab it just says "please wait..." nothing is populating within the app. I can make an API call using curl and see that I can get data from Cisco AMP for endpoints. Has anybody else had this problem with the app or a potential solution? Any help would be most appreciated!
Thanks!
... View more