Is anyone able to get this to work? I've got the API setup and the app configured to use it on a heavy forwarder, but nothing happens. I don't get errors in the logs, or any logs generating for that matter either. Using splunk 6.2.4 heavy forwarder in Linux with a distributed environment. Checked main and index I assigned, as well as internal indexes for any logs- all contain no data from Nessus. I don't see any glaring indications splunk is even accessing the api in the Nessus logs.
I put in a ticket as I have splunk enterprise, but my guess is they'll take weeks to get back, hoping someone for the community may have figured this out. Thanks in advance for any help,
↧