Getting Data In

threat_intelligence_manager as input in the inputs.conf file

kausar
Path Finder

I see the following stanza in my SplunkEnterpriseSecurity app's inputs.conf file. (added by splunk professional)

[threat_intelligence_manager://]
...

What is that and where is it coming from? I can't find any details on any this input in the inputsconf documentation. https://docs.splunk.com/Documentation/Splunk/6.5.3/Admin/Inputsconf. Where would I find stuffs to read further about it?

Tags (1)
0 Karma
1 Solution

llee_splunk
Splunk Employee
Splunk Employee

That stanza is managed by the threat_intelligence_manager.py modular input. You can read more on the Threat Intelligence framework in Splunk ES here: http://dev.splunk.com/view/enterprise-security/SP-CAAAFBC

View solution in original post

llee_splunk
Splunk Employee
Splunk Employee

That stanza is managed by the threat_intelligence_manager.py modular input. You can read more on the Threat Intelligence framework in Splunk ES here: http://dev.splunk.com/view/enterprise-security/SP-CAAAFBC

Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...