Installation

Instructions for installing and configuring the Nozomi Networks Splunk Universal Add-on. This topic covers logging into Splunkbase, downloading the add-on, setting up accounts, configuring inputs, and managing data retrieval parameters for seamless integration with Nozomi Networks.

Procedure

  1. Log in to the Splunkbase website.
  2. In the search field, search for Nozomi Networks.
    The Nozomi Networks Universal Add-on page shows.
  3. Select Download.
    The Accept License Agreements page shows.
  4. Accept the terms and select Agree to download.
    A dialog shows.
  5. Select Ok.
  6. For an overview of the Splunk Universal Add-on, select Details.
  7. Select Installation.
  8. In the configuration section, create an account. The account should include the username and password, which are the key name and key token of:
  9. In the input section, configure the input to retrieve the following data from Nozomi Networks:
    • Alert
    • Asset
    • NodeCve
    • Node
    • Link
    • Variable
    • Session
  10. Add the host without (hypertext transfer protocol (HTTP) or hypertext transfer protocol secure (HTTPS)).
  11. Select the account that you just created.
  12. To specify the data retrieval starting point, use the from timestamp filter.
  13. To determine how many items are retrieved for every call, define the page size.
  14. Select Add.