- Introduction
- System requirements
- Configure Syslog
- Configure threat data report
- Configure adaptive response
- Removing the CylancePROTECT Desktop Application for Splunk
- Data source types
- Troubleshooting
- Support
- Appendix: configure Syslog over SSL in Splunk
Modify configuration files
$SPLUNK_HOME/etc/apps/cylance_protect/local/inputs.conf: [tcp-ssl://6514] disabled = false sourcetype = syslog_protect index = cylance_protect source = <tenant name>
[SSL] rootCA = $SPLUNK_HOME/etc/certs/cacert.pem serverCert = $SPLUNK_HOME/etc/certs/splunk.pem password = <The password that was used in the genSignedServerCert command above>