This app is required for the automated mapping models in adaptive response actions on the Splunk platform to work correctly. ![]() ![]() If you have Splunk Enterprise Security (ES) installed, you don't need to download this library as it is already included with Splunk ES. This app is required to map event fields to CEF format, then forward those events to Splunk Phantom.Äownload the Splunk Common Information Model (CIM) from Splunkbase. Make sure you have the following apps installed on your Splunk Enterprise deployment:Äownload the Splunk Phantom App for Splunk from Splunkbase. Verify that you are using the following product version combinations if you installing the Splunk Phantom App for Splunk on Splunk Enterprise: For example, Splunk ES versions 6.5.1, 6.5.x means that Splunk ES version 6.5.1 or any 6.5.x release later than 6.5.1 is required. The Splunk Phantom App for Splunk requires specific Splunk platform combinations. Splunk product compatibility requirements
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |