Skip to content

You're not viewing the latest version. Click here to go to latest.

IntelMQ

Splunk

Initializing search

certtools/intelmq

IntelMQ

certtools/intelmq

Introduction
Overview
Tutorials
Tutorials
- Using IntelMQ Manager
User Guide
User Guide
- Intro
- Event
- Bots
- Feeds
- Abuse Contacts
- Manager
- API
Administrator Guide
Administrator Guide
- Intro
- Installation
  Installation
- Upgrade
- Hardware Requirements
- Configuration
  Configuration
- Management
  Management
  - IntelMQ
  - IntelMQ API
- Database
  Database
  - PostgreSQL
  - Elasticsearch
  - Splunk
  - SQLite
  - MSSQL
- Utilities
  Utilities
  - Bash Completion
- Integrations
  Integrations
  - MISP
  - N6
  - CIFv3
- Beta Features
- Common Problems
- FAQ
Developer Guide
Developer Guide
Changelog
Security
Community
Help

Sending IntelMQ events to Splunk

Go to Splunk and configure in order to be able to receive logs (intelmq events) to a TCP port
Use TCP output bot and configure accordingly to the Splunk configuration that you applied.

Made with Material for MkDocs