We are planning to upgrade our Splunk core from 6.2.2 to 6.4.x and Enterprise Security App as well which has dependency with SCCM App for Splunk in our environment.
But the only available app for SCCM is Version v1.0, which is not compatible with Splunk core 6.4.x
So, the requirement is to know about any alternate app for SCCM which is supported by Splunk core 6.4?
Existing SCCM app# 2750
I just briefly examined the app contents. All of the work is done via a set of DB Connect inputs. Nothing else in the app's conf files leads me to believe you would have any backward compatibility issues, but this was a quick review only so YMMV.
It would certainly be nice to see an updated version, but I know from experience that Splunkbase and the In-App-Browser (the feature that lets you install apps from within the web UI) are being "quite conservative" here when it comes to compatibility statements.
Hi Gopi_universal,
I think the Splunk Add-on for Microsoft SCOM might be an alternative to SCCM App:
https://splunkbase.splunk.com/app/2729/
This is a Splunk supported that allows a Splunk software administrator to collect data from Microsoft System Center Operations Manager using PowerShell scripts.
Hope it helps. Thanks!
Hunter
Hi Hunters,
with SCOM i should receive also the logs from the microsoft endpoint protection right?
Hey @hunters, I'm afraid this is not correct. SCOM is a totally different product than SCCM.
Hi
Did you find a solution for this.
Hi,
have you found a solution for this? I need to receive logs from the endpoint protections into splunk...
THanks in advqnce
Hi
Has anyone found a solution for this