Searching Connect Indexes
Connect Indexes store Tripwire Enterprise change data and/or IP360 vulnerability data. This topic explains how to run a customized query of your Connect Indexes with the Splunk Search Processing Language (SPL).
For more information about SPL, see https://www.splunk.com/en_us/resources/search-processing-language.html.
|
Note: |
To search the Connect Indexes, the ConnectAdmin permission must be assigned to your user account. |
|---|
To search your Connect Indexes:
| 1. | In the side bar, select Connect Reporting > Reporting. |
| 2. | In the workspace, select the SEARCH tab. |
| 3. | In the Search field, enter an SPL query and click Search. |
Tripwire Connect presents the query results in the workspace.
| 4. | (Optional) To export the query results to a CSV, XML, or JSON file, click Export. |