OpenCTI

OpenCTI Add-on for Splunk

# Append your CA certificate text to the end of that file:
cat /path/to/your/opencti_ca.pem >> /opt/splunk/etc/apps/TA-opencti-add-on/bin/ta_opencti_add_on/aob_py3/certifi/cacert.pem

/opt/splunk/bin/splunk restart
/opt/splunk/bin/splunk show kvstore-status
chown -R splunk:splunk /root/.splunk/

PreviousIntegration Netflow with Splunk NextSplunk Mobile

Last updated 14 hours ago