Security Applications Custom Processing Applications

Want to tweak the way Splunk indexes particular types of data?

Custom Processor Applications allow you to change how Splunk handles particular data sources. Create your own, or download scripts created by other members of the Splunk community! Even better, since Applications can have more than one type of content, you can include other features as well!

Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Applications(s) to extend your server.

adds support for anonymizing log files at index time

anonymizes ip address as 127.0.0.1 (localhost); email addresses as user@domain.com ; social-security-numbers as 555-00-0000; password/passwd looking values as 'password' ; username/userid/login/user looking values as 'bob'.

Author: carasso Type: Custom Processing, Fields
Rating: Awaiting 3 votes Added: 13 months ago
Downloads: 57 Last Updated: 13 months ago
License: Creative Commons Price: Free
Categories:

Sancp/Sguil Add-on

This bundle indexes sancp logs when sancp is patched with the sguil output patch, extracts the fields, then sends to a processor which converts the decimal IP addresses to dotted format.

Author: araitz Type: Inputs, Custom Processing
Rating: Awaiting 3 votes Added: 9 months ago
Downloads: 29 Last Updated: 9 months ago
License: Creative Commons Price: Free
Categories: