Answer by starcher
TQ does not support Splunk ES. You need to make an integration layer that breaks their threatq kvstore table into an ES friendly intel table and tell ES to consume that.
View ArticleAnswer by beyondjass
Could someone point me to ThreatQuotient integration with Splunk. Specifically when Splunk is deployed in different location than ThreatQuotient. ,
View Article