I need help with the Splunk side of the dashboard. I have set up the syslog server in the cloud and added a machine as the communication endpoint. The machine onsite has the universal forwarder installed and have configured the port and config on the endpoint and the cloud, but I cannot get any info into Splunk. I have installed the technical add-on for Malwarebytes as well as the Malwarebytes App for Splunk. Within the data inputs I have configured the forwarded inputs UDP, which selected the MWB:Cloud from the list and says it's successful, but nothing will show on the dashboard at all, none of the endpoints. Anyone got this working?