Skip Navigation

Modify configuration files

$SPLUNK_HOME/etc/apps/cylance_protect/local/inputs.conf: [tcp-ssl://6514] disabled = false sourcetype = syslog_protect index = cylance_protect source = <tenant name>
[SSL] rootCA = $SPLUNK_HOME/etc/certs/cacert.pem serverCert = $SPLUNK_HOME/etc/certs/splunk.pem password = <The password that was used in the genSignedServerCert command above>