Websense Triton DLP (Events and Classification Data)

How can Splunk pull events and classification data from Websense Triton? It appears that the data is stored in a SQL database, but I don't see mention of an export tool, API, or other method to grab the data other than reverse-engineering their schema.

third-party-integration

asked 17 Dec '10, 16:26

Ron Naken
3.0k●3●20
accept rate: 35%

3 Answers:

oldest newest most voted

2	You could use a database trigger to dump rows to a file on insert or some other condition, but I don't think you will be able to even do that without understanding the schema. link answered 17 Dec '10, 19:38 araitz ♦♦ 7.2k●2●5●16 accept rate: 38%

1	try custom log configuration on your WSG produce text log files. Then use syslog-ng v3 or Snare agent to bounce the logs to splunk (or centeral logging host) link answered 24 Mar '11, 18:51 mhassan 36●1 accept rate: 33%

0	How would you go about "bouncing" the logs to splunk? link answered 28 Jun '11, 13:49 bajaguy 11 accept rate: 0%

Post your answer

toggle preview

Follow this question

Email:

RSS:

Answers

Answers + Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "Title")
image?![alt text](/path/img.jpg "Title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

third-party-integration ×13

Asked: 17 Dec '10, 16:26

Seen: 1,521 times

Last updated: 28 Jun '11, 13:49

Websense Triton DLP (Events and Classification Data)

Follow this question

Splunk Resources

Related questions