Splunk Enterprise Security

Is there an alternate app available for SCCM since SCCM App for Splunk is not compatible with 6.4?

Gopi_universal
Engager

We are planning to upgrade our Splunk core from 6.2.2 to 6.4.x and Enterprise Security App as well which has dependency with SCCM App for Splunk in our environment.

But the only available app for SCCM is Version v1.0, which is not compatible with Splunk core 6.4.x

So, the requirement is to know about any alternate app for SCCM which is supported by Splunk core 6.4?

Existing SCCM app# 2750

Link: https://splunkbase.splunk.com/app/2750/

hrottenberg_spl
Splunk Employee
Splunk Employee

I just briefly examined the app contents. All of the work is done via a set of DB Connect inputs. Nothing else in the app's conf files leads me to believe you would have any backward compatibility issues, but this was a quick review only so YMMV.

It would certainly be nice to see an updated version, but I know from experience that Splunkbase and the In-App-Browser (the feature that lets you install apps from within the web UI) are being "quite conservative" here when it comes to compatibility statements.

0 Karma

hunters_splunk
Splunk Employee
Splunk Employee

Hi Gopi_universal,

I think the Splunk Add-on for Microsoft SCOM might be an alternative to SCCM App:
https://splunkbase.splunk.com/app/2729/

This is a Splunk supported that allows a Splunk software administrator to collect data from Microsoft System Center Operations Manager using PowerShell scripts.
Hope it helps. Thanks!
Hunter

0 Karma

mbarbaro
Path Finder

Hi Hunters,

with SCOM i should receive also the logs from the microsoft endpoint protection right?

0 Karma

hrottenberg_spl
Splunk Employee
Splunk Employee

Hey @hunters, I'm afraid this is not correct. SCOM is a totally different product than SCCM.

0 Karma

sirajnp
Path Finder

Hi

Did you find a solution for this.

0 Karma

mbarbaro
Path Finder

Hi,

have you found a solution for this? I need to receive logs from the endpoint protections into splunk...

THanks in advqnce

0 Karma

nick405060
Motivator

Hi

Has anyone found a solution for this

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...