Network IDS / IPS Applications

Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.

Snort fields

Extracts Snort 2.6 fields that can be used in reporting.

Author: mfratto Type: Fields
Rating: Awaiting 3 votes Added: 13 months ago
Downloads: 178 Last Updated: 12 months ago
License: Creative Commons Price: Free

Sancp/Sguil Add-on

This bundle indexes sancp logs when sancp is patched with the sguil output patch, extracts the fields, and then sends them to a processor that converts the decimal IP addresses to dotted format.

Author: araitz Type: Inputs, Custom Processing
Rating: Awaiting 3 votes Added: 10 months ago
Downloads: 29 Last Updated: 10 months ago
License: Creative Commons Price: Free

Splunk for Snort

This application applies to Snort alert logs, bringing their field names into compliance with the Splunk interface standard (see http://www.splunkbase.com/howtos/Splunk/howto:Understanding_Splunk's_interface_standards).

Author: Splunk Type: Inputs, Fields, Event Types
Rating: Awaiting 3 votes Added: 9 months ago
Downloads: 485 Last Updated: 2 months ago
License: Creative Commons Price: Free