After installing SPE 8.0, attempting the Onboarding procedure for the centralized console produces the following error:
Sorry, we are unable to process your request at this time. If the problem persists, please contact support.
Provisioning failed during the onboarding procedure.
Q1. Once I have my account, how do I enroll scanners?
Q2. How do I change passwords?
A2. Each user should be able to change their own password on (username)>My Account.
Q3. How do I view my scanners to prove definition version?
A3. Navigate within a SPE domain to Assets > Scanners
Q4. How do I export the list of SPE scanners?
A4. In browser, right click, click "Save As...". In Excel, create a new blank spreadsheet, then on Data tab, click "Get External Data", click From Web, then specify file://(paste full path and filename, including extension). This is a little clunky, but it works.
Q5. Is there no Export to .csv function on the scanners page?
A5. Seems like a separate case for an enhancement request.
Q6. How do I export event data from the centralized console to splunk?
Q7. How do I export event data from the centralized console to QRadar?
A7. Currently, the API permits support to assist with configuring to permit login and query for events. A similar product, Symantec Endpoint Detection and Response, has an add-in console that installs into QRadar, accepts API credentials from SEDR, then queries for event data from SEDR. Currently, I am not aware of a SPE add-in for QRadar.You would need to craft your own python script to perform these queries. To request BROADCOM to craft a SPE App for QRadar would be an enhancement request.