CylancePROTECT Application for Splunk
Administration Guide
Requirements: CylancePROTECT Application for Splunk

| Item | Requirements |
| --- | --- |
| Splunk | Splunk version 7.2 or later |
| Network | Connections over port 443 must be allowed for the CylancePROTECT Application for Splunk to get threat data reports from Cylance Endpoint Security. To forward syslog events from Cylance Endpoint Security to your Splunk environment, you must configure network settings in the Cylance console and a log forwarder or firewall rule in your Splunk environment. For more information, see the Cylance syslog guide. |