
Malwarebytes Cloud cannot see any endpoints

aoweneoecoop
Explorer

I need help with the Splunk side of the dashboard. I have set up the syslog server in the cloud and added a machine as the communication endpoint. The machine onsite has the universal forwarder installed, and I have configured the port and config on the endpoint and the cloud, but I cannot get any info into Splunk. I have installed the technical add-on for Malwarebytes as well as the Malwarebytes App for Splunk. Within the data inputs I have configured the forwarded inputs UDP, which selected the MWB:Cloud from the list and says it's successful, but nothing will show on the dashboard at all, none of the endpoints. Anyone got this working?

0 Karma

aoweneoecoop
Explorer

We have configured the Malwarebytes Cloud portal syslog and used a PC that is always on as the endpoint communication device, with the UDP port of 10516 due to port availability. We have installed the forwarder onto the PC to send to the syslog server as normal, but it only seems to be sending the Windows event logs, nothing to do with Malwarebytes. So it looks like the cloud is not sending anything to the PC for some reason?

0 Karma

aoweneoecoop
Explorer

All resolved.

0 Karma

Sir_SplunkALot
Engager

I know I'm late, but any idea what was done to resolve this? We're having this exact same issue.

0 Karma