Skip to main content
Splunk Lantern

Cisco: IronPort Email Security Appliances

{Replace this first sentence with a description of the data source, where it comes from, and any key information to know about it.} In the Common Information Model, {data name} can be mapped to any of the following data models, depending on the field: {linked Common information model name}.

Data visibility

{Replace this text with a line that describes what specifically the data gives you insight to, preferably using terms from use cases, sales plays, and known customer initiatives.}

Data application

When your Splunk deployment is ingesting {data source name}, you can use the data to achieve the following:

  • {Link to a Splunk Lantern use case or guide}
  • {Link to a Splunk Lantern use case or guide}
  • {Link to a Splunk Lantern use case or guide}

Configuration

Guidance for onboarding data can be found in the Spunk Documentation, Getting Data In (Splunk Enterprise) or Getting Data In (Splunk Cloud). Refer to the documentation, and note the following:

  • Recommended index: {index name}
  • Source type: {source type name}
  • Input type: {input type}
  • Add-on or app: {Name of the add-on or app exactly as it appears in Splunk Base and turn it into a hyperlink to Splunk Base}
  • Sizing estimate: {Add description}

Validation

{Replace this text with a statement that explains how the customer can validate that the data source was correctly configured.}

Use this space for SPL related to validating the data source configuration.
  • Was this article helpful?