Installation of BforeAI PreCrime - Splunk App
BforeAI PreCrime can be installed through the UI as shown below or extract the zip file directly into the $SPLUNK_HOME/etc/apps/ folder.
● Installation step from UI:
- Log in to Splunk and navigate to Apps > Manage Apps.
- Click Install app from the file.
- Click Choose file and select the App installation file.
- Click on Upload.
- Restart Splunk if prompted.
Configuration for BforeAI PreCrime - Splunk App
Configure Account
- Go to BforeAI PreCrime > Configuration
- Click Add from the top right corner.
- Add a unique Account Name, API URL, Username and Password.
- Click on the Add button.
- Once The Account is added. The list of all the added Accounts is visible on the Configurations page.
To update an Account
- Go to BforeAI PreCrime > Configuration
- Find the account User wants to Edit from the list of configured accounts.
- Click on Action > Edit
- Update the required parameters in the dialogue box.
- Click on Update.
To clone an Account
- Go to BforeAI PreCrime > Configuration
- Find the account User wants to Clone from the list of configured accounts.
- Click on Action > Clone
- Add the required parameters in the dialogue box.
- Click on save.
To remove an Account
Note: Before removing the Account make sure none of the Input is using the account User wants to remove.
- Go to BforeAI PreCrime > Configuration
- Find the account User wants to Delete from the list of configured accounts.
- Click on Action > Delete.
Proxy page
A user can configure the proxy for BforeAI PreCrime through this page. And supported proxy types are http and socks5.
- Go to BforeAI PreCrime > Configuration > Proxy.
- Provide Proxy Type, Host, Port, Username and Password then click on Save button.
To use the proxy, click on enable.
Logging Page
A user can configure the logging level for the BforeAI PreCrime through this page.
- Go to BforeAI PreCrime > Configuration > Logging.
- Select the Log Level from the drop-down and Save it.
Inputs Page
Users can manually create Modular Input by following below steps.
- Go to BforeAI PreCrime >Inputs.
- Click on create new input
- And fill all parameters shown in this table.
- Click on the save button.
|
Parameters |
Type |
Description |
|
Name |
Textbox |
A name to uniquely identify the input. |
|
Interval |
Textbox |
Time interval for input in seconds. Default = 86400 |
|
Index |
Dropdown |
The index in which data should be collected. required (can use the default “main” or create a new index already present in the macro named “precrime”. You can use any other index name that you created, however you should add it in the macro searches |
|
Global Account |
Dropdown |
Select the BforeAI PreCrime Account for which you want to collect data. |
|
Start Date |
Textbox |
Enter Start date in YYYY-MM-DD format. EX: 2024-04-01 |
To Disable an Input
- Go to BforeAI PreCrime > Inputs.
- Find the input User wants to Disable from the list of inputs.
- Click on Status> Enabled.
To Enable an Input
- Go to BforeAI PreCrime > Inputs.
- Find the input User wants to Enable from the list of inputs.
- Click on Status> Disabled
To Edit an Input
- Go to BforeAI PreCrime > Inputs
- Find the Input User wants to edit from the list of configured inputs.
- Click on Action > Edit
- Update the required(desired) parameters in the dialogue box.
- Click on Update.
To Clone and Delete Input
- Perform the same steps as above mentioned:
- Go to BforeAI PreCrime > Inputs
- Action > Clone/Delete