Solved: Re: CEF output to Arcsight - where can I find 'rto...

meno · ‎04-12-2011

Where can I find rtoutput.py ? It is mentioned here on page 8.

araitz · ‎04-15-2011

The framework is still being tightly controlled while it undergoes additional development - specifically, I am working on a UI for it 🙂

I will be sure to upload to Splunkbase and post a blog when it is ready for mass distribution.

View solution in original post

araitz · ‎04-15-2011

The framework is still being tightly controlled while it undergoes additional development - specifically, I am working on a UI for it 🙂

I will be sure to upload to Splunkbase and post a blog when it is ready for mass distribution.

matthieu_araman · ‎04-23-2015

it looks like this rtoutput.py script is no longer needed -> the functionality is now integrated into splunk cef app which allow most configuration via a web form.

awurster · ‎01-22-2013

can we have an update on this please? is it part of the real time output app?

http://splunk-base.splunk.com/apps/48082/splunk-real-time-output

edbolton · ‎05-04-2012

I'm very interested in doing this in my environment, has there been any movement on the UI/formal support?

dmlee · ‎11-21-2011

Hi araitz,

our customer also want to use splunk to monitor logs and send alert message to ArcSight, May I know the progress of your framework ? Could you please share rtoutput.py to us ? thank you.

CEF output to Arcsight - where can I find 'rtoutput.py' ?

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...