home

Mobile Endpoint Security

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Mobile Endpoint Security

Set up the Lookout App

Configure the Data Input Script (Splunk Enterprise Only)

You add Lookout Mobile Threat events to Splunk cloud using a data input script.

To configure the data input script:

  1. Click Settings > Data Inputs from the top right corner.
  2. In the Data Inputs window, click the Scripts button to view a list of all data input scripts currently installed.
  3. Click the link associated with the custom lookout script to open the edit screen: $SPLUNK_HOME/etc/apps/lookout_mobile_threat_defense_for_splunk/bin/mra_event_runner_splunk.py
  4. Enter the following information.
    Field Name Field Description
    Interval Number of seconds to wait before rerunning the script. 60 seconds is the default. Enter as an integer or in cron format.
    Source name override lookout (All Lookout Mobile Threat events are tagged with lookout_v2 as their source.)
    Set Sourcetype Choose Manual from the dropdown.
    Source type json_no_timestamp

Last updated: November 20, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.