Update VectraAI Data Integration to new Add-On (current one used by SC4S is deprecated) #2669

Open
LennardMa opened this issue Jan 10, 2025 · 2 comments
Labels
documentation Improvements or additions to documentation enhancement New feature or request

LennardMa commented Jan 10, 2025

Note: If your issue is not a bug or a feature request, please raise a support ticket through our support portal (Splunk.com > Support > Support Portal). This will help us resolve your issue more efficiently and provide you with better assistance. For more information on how to work with the Splunk Support, please refer to this guide.

What is the sc4s version?

3.33.1

Is there a pcap available? If so, would you prefer to attach it to this issue or send it to Splunk support?

What is the vendor name?

Vectra

What's the product name?

Cognito

If you're requesting support for a new vendor, do you have any preferences regarding the default index and sourcetype for their events?

Do you have syslog documentation or a manual for that device?

Feature Request description:

Currently SC4S uses the old and deprecated "Technology Add-On for Vectra Cognito" instead of the current "Technology Add-On for Vectra Detect (JSON)" at https://splunkbase.splunk.com/app/5271. Please either disable the old add-on or update to the new vendor-supported add-on.

Do you want to have it for local usage or prepare a github PR?

@cwadhwani-splunk cwadhwani-splunk self-assigned this Jan 13, 2025
@cwadhwani-splunk cwadhwani-splunk added documentation Improvements or additions to documentation enhancement New feature or request labels Jan 16, 2025
@LennardMa
Author

@cwadhwani-splunk Hello, I now have a pcap that I captured and the custom syslog parser that Splunk AE built. Where should I send it to?

@cwadhwani-splunk
Collaborator

cwadhwani-splunk commented Jan 21, 2025

Could you please create a Splunk support ticket and attach the details there? Once done, you can provide the support ticket number/ID here.
