Download this app from Splunkbase or GitHub.
Search Heads : Yes
Indexers : Conditional
Heavy Forwarders : Conditional
Universal Forwarders : No
Must be installed on either the heavy forwarders (HF) or the indexers.
This add-on uses the WinEventLog stanza in inputs.conf. See the Splunk documentation for more information. The sourcetype must be set to "comodo" for this add-on to work.
Check the Windows Event Viewer under Applications and Services Logs for the events you wish to monitor.
    # sample inputs.conf
    [WinEventLog://COMODO Client - Security CEF]
    disabled = 0
    sourcetype = comodo

    [WinEventLog://COMODO Internet Security CEF]
    disabled = 0
    sourcetype = comodo

    [WinEventLog://COMODO Internet Security Trace]
    disabled = 0
    sourcetype = comodo
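Because the add-on only works when the COMODO inputs carry the "comodo" sourcetype, it helps to lint inputs.conf before deploying it. The following is an added example, not part of the add-on: the function names and the failing sample are constructed for illustration, and the parser assumes simple `key = value` lines without continuations.

```python
import re

# Channel names copied from the sample inputs.conf on this page.
COMODO_CHANNELS = (
    "COMODO Client - Security CEF",
    "COMODO Internet Security CEF",
    "COMODO Internet Security Trace",
)
STANZA_RE = re.compile(r"^\[(.+)\]$")

# Constructed sample: wrong sourcetype, a disabled input, and one stanza absent.
SAMPLE_BAD = """\
[WinEventLog://COMODO Client - Security CEF]
disabled = 0
sourcetype = WinEventLog
[WinEventLog://COMODO Internet Security CEF]
disabled = 1
sourcetype = comodo
"""

def parse_conf(text):
    """Parse .conf text into {stanza: {key: value}}; comments and blanks skipped."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = STANZA_RE.match(line)
        if match:
            current = stanzas.setdefault(match.group(1), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return stanzas

def check_comodo_inputs(text):
    """Return a list of problems; an empty list means all three inputs are usable."""
    stanzas, problems = parse_conf(text), []
    for channel in COMODO_CHANNELS:
        name = "WinEventLog://" + channel
        settings = stanzas.get(name)
        if settings is None:
            problems.append(name + ": stanza missing")
            continue
        if settings.get("sourcetype") != "comodo":
            problems.append(name + ": sourcetype must be 'comodo'")
        if settings.get("disabled", "0").lower() not in ("0", "false"):
            problems.append(name + ": input is disabled")
    return problems
```

Pass the contents of the deployed inputs.conf to `check_comodo_inputs`; `SAMPLE_BAD` yields one problem per channel.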
Please open an issue at github.com