Splunk Guide
Advanced Configuration
Alternatively of using data collected by Splunk, you can bring 3rd party data (Microsoft SCCM, AWS SSM, ServiceNow, etc) already load in sRTMS - using Connect - into Splunk.
- Log in to Splunk Web and navigate to Settings >Data inputs.
- Click on fatstacks
- On splunkapp line item, click clone
- Update the settings and click save
Settings
Name
Name of the sRTMS index that will be loaded into Splunk
<Please enter a value>
Software Asset Management
Enable/Disable Software Asset Management "SVM" module
Values: True/False
Software Vulnerability Management
Enable/Disable Software Vulnerability Management "SVM" module
Values: True/False
sRTMS API Url
The sRTMS API Url.
Default: https://srtms.fatstacks.tech:11000
sRTMS License
Your sRTMS License Key.
Please contact info@fatstacks.tech if you need a Trial key
<Please enter a value>
sRTMS Login
Your sRTMS Login.
<Please enter a value>
sRTMS Password
Your sRTMS Password.
<Please enter a value>
Splunk API Url
The Splunk API Url.
Format:
https://<hostname>:<port>
Please make sure the port is open. This is required for sRTMS to be able to run search query from the Cloud.
KEEP IT EMPTY
Splunk Login
The Splunk Login.
NOT USED
Splunk Password
The Splunk Password.
NOT USED
Device Search
The Splunk Device Search query.
NOT USED
Package Search
The Splunk Package Search query.
NOT USED
sRTMS API size page
Number of entries return by sRTMS per API call.
Default: 500
More Settings
Interval
Number of seconds to wait before running the command again, or a valid cron schedule. (leave empty to run this script once)
Default: 86,400 s (1day)
Index
Set the destination index for this source.
Default: srtms
Support
if you have questions or issues with the documentation, please contact us as support@fatstacks.tech