TA-proofpoint_TAP

Splunk TA for proofpoint TAP alerts

TA Created by Bryan Fisher (brf2010@med.cornell.edu, bryan.fisher797@gmail.com)

Requirements:

python 3.3+ (only tested on 3.4 and 3.5)
Unix-y OS
The super-awesome requests library (pip install requests)

Setup:

On the box that will be doing the data collection:

Install the TA
Copy default/inputs.conf to local/inputs.conf
In inputs.conf, change disabled = true to disabled = false
Examine bin/starter_script.sh and make sure that the paths to the app directory and to the python3 executable are correct
Edit bin/PP_TAP_logs.py to add your API credentials to the username and password fields.
(re)start splunk

On the search head:

Install the TA
Enjoy Proofpoint logs responsibly

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
bin		bin
default		default
metadata		metadata
.gitignore		.gitignore
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

TA-proofpoint_TAP

Splunk TA for proofpoint TAP alerts

TA Created by Bryan Fisher (brf2010@med.cornell.edu, bryan.fisher797@gmail.com)

Requirements:

Setup:

On the box that will be doing the data collection:

On the search head:

About

Uh oh!

Releases

Packages

Languages

wcmc-its/TA-proofpoint_TAP

Folders and files

Latest commit

History

Repository files navigation

TA-proofpoint_TAP

Splunk TA for proofpoint TAP alerts

TA Created by Bryan Fisher (brf2010@med.cornell.edu, bryan.fisher797@gmail.com)

Requirements:

Setup:

On the box that will be doing the data collection:

On the search head:

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages