Splunk Guide

Getting Started

  1. Log in to Splunk Web and navigate to Settings >Data inputs.
  2. Click on fatstacks
  3. Click on splunkapp
  4. Update the settings and click save
Splunk Data Inputs

Settings

Software Asset Management

Enable/Disable Software Asset Management "SVM" module

Values: True/False


Software Vulnerability Management

Enable/Disable Software Vulnerability Management "SVM" module

Values: True/False


sRTMS API Url

The sRTMS API Url.

<Please enter a value>


sRTMS Login

Your sRTMS Login.

<Please enter a value>


sRTMS Password

Your sRTMS Password.

<Please enter a value>


Splunk API Url

The Splunk API Url.

Format:

https://<hostname>:<port>

Please make sure the port is open. This is required for sRTMS to be able to run search query from the Cloud.

<Please enter a value>

Splunk Login

The Splunk Login.

<Please enter a value>


Splunk Password

The Splunk Password.

<Please enter a value>


Device Search

The Splunk Device Search query.


Package Search

The Splunk Package Search query.


sRTMS API size page

Number of entries return by sRTMS per API call.

Default: 500

More Settings

Interval

Number of seconds to wait before running the command again, or a valid cron schedule. (leave empty to run this script once).

Default: 86,400 s (1day)


Index

Set the destination index for this source.

Default: srtms

Support

if you have questions or issues with the documentation, please contact us as support@fatstacks.tech