Getting Data In

How to get Access logs from RedCloud Security Appliance

fatemabwudel
Path Finder

Hi,

As the question describes, I would like to know if there's a way to get the access logs from RedCloud Security appliance. All we have is a black box with a web interface to control that box.
I know there has to be a way, because on the main page, we have an option of "Splunk URL", but no documentation is available to see what URL to put in (master, indexer, or forwarder?) and how to configure Splunk (port 9997, 514 or something else?) to receive the logs from that box.

Any help would be greatly appreciated.

Thanks.

0 Karma
1 Solution

fatemabwudel
Path Finder

Okay, so I finally figured it out.
RedCloud no more support Splunk integration and the field "Splunk_URL" it's no longer enabled for the current version 5.x.x of the appliance, they have disabled it because of some issue with Splunk integration and will no longer be available for future releases until their engineers find a way to fix it.
In fact for the previous versions, when it was enabled, you would require a license from the vendor to use that feature if you are using an old version of the appliance.

View solution in original post

0 Karma

fatemabwudel
Path Finder

Okay, so I finally figured it out.
RedCloud no more support Splunk integration and the field "Splunk_URL" it's no longer enabled for the current version 5.x.x of the appliance, they have disabled it because of some issue with Splunk integration and will no longer be available for future releases until their engineers find a way to fix it.
In fact for the previous versions, when it was enabled, you would require a license from the vendor to use that feature if you are using an old version of the appliance.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...