ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Splunk connector is showing as Red Critical in ATP 3.1.


Article ID: 172306


Updated On:


Advanced Threat Protection Platform


In the Advanced Threat Protection (ATP) User Interface (UI) the "Splunk connector is showing as Red Critical".


The service that manages Splunk forwarding was not resourced correctly. ATP 3.2 has increased the number of threads the service can use and the memory overhead. This will provide the service with enough resources to function persistently.


This issue is resolved in ATP 3.2. If you are still on ATP 3.1 and cannot upgrade in a timely manner, please contact technial support for a hotfix to correct this.