All Apps and Add-ons

Splunk Add-on for Qualys CIM mapping: Why does the add-on map the endpoints with vulnerabilities to dvc instead of dest?

madcitygeek
Explorer

Why does the Splunk Add-on for Qualys map the endpoints with vulnerabilities to dvc instead of dest?

Per the CIM manual:
dvc The system that discovered the vulnerability.
dest The host with the discovered vulnerability.

1 Solution

jcoates_splunk
Splunk Employee
Splunk Employee

It's wrong to do so; there is a bug on this.

View solution in original post

jcoates_splunk
Splunk Employee
Splunk Employee

It's wrong to do so; there is a bug on this.

Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...