
Multiple Cisco Secure Endpoint APIs in Splunk

LKladny
Level 1

Hello Everyone, 

 

Hello Cisco Community,

Our company provides Cisco Secure Endpoint to different businesses, and we want to combine data from these systems in Splunk for better analysis.

We found an official integration for Splunk here: Splunk Integration. However, it only works with one system at a time. We have 12 different clients, each with their own Cisco Secure Endpoint setup. This means we're dealing with 12 different data sources.

Until September, we used a custom Python script to manage this, but it stopped working properly. Now, it only says, 'No additional records found.'

We need help to find a way to put all 12 data sources into Splunk while keeping the data accurate. Any advice or useful resources would be greatly appreciated.

Thank you for your help and knowledge.

Best regards,

L. Kladny

1 Reply

Hi Kladny,

Did you solve this problem? If yes, how?

Thank you

Davide