By default, Feed Service and Kaspersky Threat Feed App are configured to use the default integration scheme. This is a simple scheme intended for easy testing and evaluation of Kaspersky Threat Feed App for Splunk capabilities.
To integrate Feed Service with Splunk into the default integration scheme:
The verification test is a procedure that is used to check the capabilities of Kaspersky Threat Feed App and to confirm the accuracy of the integration. The verification test procedure is described in the documentation that comes with Feed Service.
For more information about adding email addresses to alert templates, see "Adding email addresses to alert templates" in Editing Kaspersky Threat Feed App configuration files.
If you want to change the integration scheme, you may have to edit the configuration files of Kaspersky Threat Feed App and Feed Service. For more information about changing the default integration scheme, see Changing the default integration scheme.
Page top