The Splunk Add-Ons manual includes an Installing add-ons guide that helps you successfully install any Splunk-supported add-on to your Splunk platform. In a distributed deployment, this add-on must be deployed to these tiers in order for all functionality included in the add-on to work. This table describes the compatibility of this add-on with Splunk distributed deployment features. If you are using a Heavy forwarder, you must install McAfee ePO Syslog.ĭistributed deployment feature compatibility I just setup a DBconnect host as the ePO audit events were not being taken in. The add-on must be installed on indexers if you use universal or light forwarders for data collection. We use the ES app to grab the logs, its currently running some python script to query the database to put the data into a text file for splunk to index. Install this add-on to all search heads where McAfee ePO Syslog knowledge management is required. This table provides a reference for installing this specific add-on to a distributed deployment of the Splunk platform. See Where to install Splunk add-ons in Splunk Add-ons for more information. In a distributed deployment, this add-on must be deployed to all tiers in order to use all functionality. Depending on your environment, your preferences, and the requirements of the add-on, you may need to install the add-on in multiple places. Use the tables in this topic to determine where and how to install this add-on in a distributed deployment of Splunk Enterprise or any deployment for which you are using forwarders. If you need step-by-step instructions on how to install an add-on in your specific deployment environment, see the installation walkthroughs section at the bottom of this page for links to installation instructions specific to Splunk Cloud, distributed deployment, or a single-instance deployment. Perform any prerequisite steps before installing, if required and specified in the tables below.Determine where and how to install this add-on in your deployment, using the tables on this page.Download the Splunk Add-on for McAfee ePO Syslog at Splunk Add-on for McAfee ePO Syslog from Splunkbase.Install the Splunk Add-on for McAfee ePO Syslog
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |