How to verify "Security Incident Response (SIR)" in PDI (Personal Development Environment)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2024 07:35 PM
●The content of the question is as follows.
In order to verify the operation of "Security Incident Response (SIR)" in PDI (Personal Development Environment),
I was proceeding with the settings according to the setup assistant of "SIR", but the following problem occurred during the process.
It is no longer possible to proceed with the setup task.
I would appreciate it if you could tell me how to solve this problem (setup method).
●The issues that are occurring are as follows.
Install "SIR" from the application manager on PDI,
When I was proceeding with the setup according to the setup assistant,
I was unable to proceed further due to the "Sighting Search" settings.
Specifically, if you follow the setup assistant, the "Sighting Search" settings include:
Since it seems that a separate plugin is required, on the same screen as when installing "SIR" (all > Plugins),
When I searched for "Sighting Search" and installed multiple plugins that were displayed,
It looked like I could set up a plugin called "Splunk - Incident Enrichment" (Image 1).
When I clicked the "Add Instance" button, it stuck on a blank white screen. The situation will be (Image 2).
