What is the CylancePROTECT Application for Splunk?
Requirements: CylancePROTECTApplication for Splunk
Installing and configuring the CylancePROTECT Application for Splunk
Configure adaptive response
Data source types
Troubleshooting the CylancePROTECT Application for Splunk
Remove the CylancePROTECT Application Splunk

Customize how the
CylancePROTECT
Application for
Splunk
generates log files

If an issue arises, such as when the post-install test doesn’t result in observable output, you will need to examine splunkd.log and Cylance.log files in the $SPLUNK_HOME/var/ logs/ Splunk directory.

To generate detailed log data, do the following:

In the config.py file, in the bin directory, change the log level to one of the following:

DEBUG

INFO

WARNING

ERROR

CRITICAL

FATAL

In the config.py file, change any of the following parameters to customize log file generation:

Filename

: The default file name is cylance.log.

Size

: The default maximum log size is 1,000,000 bytes. When the files exceeds this size, a new log file is created.

Rotations

: This is the number of log files that can be created before the oldest is overwritten.

Section:

Troubleshooting the CylancePROTECT Application for Splunk

Customize how the CylancePROTECT Application for Splunk generates log files

Customize how the
CylancePROTECT
Application for
Splunk
generates log files