Security Applications
Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Applications(s) to extend your server.
Featured Application:
Splunk for Network Security
More...
- Recent
- |
- Highly Rated
- |
- Most Downloaded
AfterGlow Graphing
This new search processor enables the generation of link graphs through Splunk. Make sure you follow the instructions in the README (once installed, located in etc/apps/afterglow) to configure the application!
Common Event Format - Field Extractions
CEF or the common event format is an event interoperability standard, defining a common syntax for communication among log generating devices and applications. This is an add-on to extract the fields of CEF messages.
Sancp/Sguil Add-on
This bundle indexes sancp logs when sancp is patched with the sguil output patch, extracts the fields, then sends to a processor which converts the decimal IP addresses to dotted format.
Sonicwall Firewall
This bundle performs field extractions for sonicwall TZ 170 without the UTM/IDS modules
Syslog Priority Decoder
this searchscript converts syslog priority into the appropriate severity and facility.
Splunk for Network Security
The Splunk Network Security application offers a set of reports, saved searches, and dashboards, as well as corresponding alerts that you can use to monitor your firewalls, intrusion detection and prevention systems, as well as operating systems.