Open jnudell opened 1 month ago
We will review this, SC4S provides metadata for sourcetype, source and addon.
Hi @rjha-splunk, do you have any updates on this? Do you have more technical details regarding why InfoBlox NIOS DNS data is not CIM compliant at this time?
Thanks!
Hi @jnudell SC4S prepares metadata to handover to TAs.
Can you please elaborate it in detail what is expected from SC4S team including sourcetype override.
The warning was added to mention that although the TA doc says it was not cim compliant (2019), kindly raise a support case for the team to look into details, they can check with the TA development team to provide more details here.
As per current documentation (https://splunk.github.io/splunk-connect-for-syslog/main/sources/vendor/InfoBlox/) InfoBlox NIOS DNS data is not CIM compliant and the current recommendation is to use Splunk Stream (which has not been updated in over a year).
I would like to request that the SC4S team fix the InfoBlox NIOS DNS data to be CIM compliant.