Skip Navigation
DOCS HOME
CYLANCE POWERED SECURITY
Cylance Endpoint Security
CylanceGUARD
CylanceHYBRID
CylanceON-PREM
Cylance Multi-Tenant Console
CylanceV
Cylance Application for QRadar
Cylance Application for Splunk
ENDPOINT MANAGEMENT
BlackBerry Connectivity
BlackBerry Enterprise Mobility Server
BlackBerry UEM
BlackBerry UEM Client
BlackBerry UEM Cloud
BlackBerry UEM Enroll
CylancePROTECT Mobile for UEM
CylancePERSONA Mobile for UEM
SDK: BlackBerry UEM Integration
SDK: BlackBerry Web Services for BlackBerry UEM
BLACKBERRY DYNAMICS
BlackBerry Access
BlackBerry Analytics
BlackBerry Bridge
BlackBerry Connect
BlackBerry Edit
BlackBerry Notes
BlackBerry Tasks
BlackBerry Work
SDK: BlackBerry Dynamics
SDK: BlackBerry Dynamics Launcher SDK
Security and Architecture
MORE PRODUCTS
Identity, Communication, and Collaboration
BlackBerry 2FA
BBM Enterprise
BlackBerry Enterprise ID
BlackBerry Org Connect
BlackBerry Workspaces
Development Tools
BlackBerry AppSecure SDK
BlackBerry Dynamics Launcher SDK
BlackBerry Dynamics SDK
BlackBerry Spark Communication Services
BlackBerry UEM Integration SDK
BlackBerry Web Services for BlackBerry UEM
BlackBerry Workspaces SDK
Critical Event Management
BlackBerry Alert
BlackBerry AtHoc
×
CylancePROTECT Application for Splunk
1.6
Administrator Guide
Get the PDF
Introduction
Index, Eventtypes, and Sourcetypes
Dashboards
System requirements
Installation
Installing using Splunk Web
Installing Manually
Configure the index
Data sources
Configure Syslog
Architecture
Splunk settings
BlackBerry tenant settings
Verify configuration of Syslog
Configure threat data report
Cylance Console Settings/Application page
Enable threat data report
Configure adaptive response
Functionality and usage
HTTP responses
Set up the Cylance Console
Set up the CylancePROTECT Desktop Application for Splunk
Restrict access to the API connector
Removing the CylancePROTECT Desktop Application for Splunk
Remove application only and leave data intact
Remove application and data
Disable application
Data source types
Troubleshooting
Troubleshoot Syslog consumption
Troubleshoot threat data report (TDR) consumption
Log examination
Support
Request guidelines
Appendix: configure Syslog over SSL in Splunk
Linux Splunk 6.5.0 and newer
Generate certs
Modify configuration files
Restart Splunk and verify open port
Linux Splunk versions prior to 6.5.0
Generate certs
Modify configuration files
Restart Splunk and verify open port
Windows Splunk 6.5.0 and newer
Generate certs
Restart Splunk and verify open port
BlackBerry Docs
Cylance products
Protect Application for Splunk
Removing the CylancePROTECT Desktop Application for Splunk
Remove application and data
Remove application and data
Index names below will most likely be protect or cylance_protect.
Linux
Remove data: .
/splunk remove index <Your Index Name>
Remove app:
./splunk remove app [appname]
Windows
Remove data:
splunk remove index <Your Index Name>
Remove app:
splunk remove app [appname]
If you reinstall the application, the previously indexed data is available again.
Section:
Removing the CylancePROTECT Desktop Application for Splunk