All Fields Applications

Want to custom-define fields in your events?

Field Applications let you download field definitions to install in your Splunk server, or share fields you made yourself! Even better, an Application can have more than one type of content, so you can add fields to any Application.

Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Applications(s) to extend your server.

More...

Screenshot

Splunk for UNIX

The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. In addition, the application also ships with a set of scripted inputs that can be used to monitor UNIX machines. Inputs like top, ps, vmstat, and netstat are supported.

Author: Splunk Type: Searches, Scripted Inputs, Inputs, Fields, Event Types
Rating:
(4 votes)
 Added: 9 months ago
Downloads: 24,223 Last Updated: 2 months ago
License: Creative Commons Price: Free
Categories:
Screenshot

Splunk for Change Management

Splunk for Change Management provides predefined reports and dashboards to facilitate change auditing, change detection, change reporting, change validation and incident response based on change events, change tickets and configuration files.

Author: Splunk Type: Searches, Reports, Inputs, Fields, Event Types, Event Actions, Alerts
Rating:
(5 votes)
 Added: 8 months ago
Downloads: 690 Last Updated: 13 days ago
License: 30 Day Trial Price: Email sales@splunk.com for pricing
Categories:

Arkeia

Arkeia Network Backup Bundle used to index the common fields from the backup log file to make searching and reporting easier.

Author: maverick Type: Transactions, Searches, Reports, Fields, Event Types
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 93 Last Updated: 14 months ago
License: Creative Commons Price: Free
Categories:
Screenshot

Splunk for CISCO PIX

Cisco PIX firewall log bundle that indexes and extracts common fields, normalizing PIX firewall logs so they are Splunk-compliant and will work with other Splunk applications.

Author: Splunk Type: Searches, Reports, Fields, Event Types
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 1,625 Last Updated: 1 month ago
License: Creative Commons Price: Free
Categories:

Negative Searching Demo Bundle

This bundle, created jointly by Maverick and Stephen Sorkin, demonstrates a way to perform negative searches by indexing known patterns and catching anomalous patterns into a separate index.

Author: maverick Type: Searches, Reports, Inputs, Fields, Alerts
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 245 Last Updated: 14 months ago
License: Creative Commons Price: Free
Categories:

IPFW Firewall

This application contains field extractions and eventtypes for IPFW firewall log files.

Author: raffy Type: Fields
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 182 Last Updated: 2 months ago
License: Creative Commons Price: Free
Categories:
Screenshot

OpenBSD Packet Filter

This bundle contains field extractions and eventtypes for OpenBSD firewall events.

Author: raffy Type: Fields
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 158 Last Updated: 2 months ago
License: Creative Commons Price: Free
Categories:

Nessus Bundle

This bundle extracts the common fields from a Nessus Vulnerability Scanner log file, such as the hostname, port, script id, and type.

Author: maverick Type: Fields, Alerts, Reports, Searches
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 366 Last Updated: 14 months ago
License: Creative Commons Price: Free
Categories:

nscreen

This bundle is for field extraction and reporting on netscreen firewalls

Author: jon Type: Fields, Searches
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 548 Last Updated: 8 months ago
License: Creative Commons Price: Free
Categories:

Ironport field extractions

Provides file classification, date extraction, and extractions for ironport data.

Author: ssorkin Type: Custom Processing, Fields
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 171 Last Updated: 14 months ago
License: Creative Commons Price: Free
Categories:

Brian's valgrind bundle

aggregates and extracts information from valgrind logs

Author: BSplunk Type: Fields, Searches
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 17 Last Updated: 13 months ago
License: Creative Commons Price: Free
Categories:
None

Brian's crash report log bundle

Aggregates and extracts useful information from osx crash reporter logs.

Author: BSplunk Type: Fields, Reports
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 43 Last Updated: 13 months ago
License: Creative Commons Price: Free
Categories:
None
Screenshot

Web Page Monitor

This bundle will check a set of webpages every interval and index the result, time, size and optionally content and or crc of page(s). Its cool to do searches to see when your pages change, take long to load, or many other cool things.

Author: erik Type: Searches, Scripted Inputs, Inputs, Fields
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 972 Last Updated: 2 months ago
License: Creative Commons Price: Free
Categories:

adds support for anonymizing log files at index time

anonymizes ip address as 127.0.0.1 (localhost); email addresses as user@domain.com ; social-security-numbers as 555-00-0000; password/passwd looking values as 'password' ; username/userid/login/user looking values as 'bob'.

Author: carasso Type: Custom Processing, Fields
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 64 Last Updated: 14 months ago
License: Creative Commons Price: Free
Categories:

Snort fields

Extracts snort 2.6 fields which can be used in reporting.

Author: mfratto Type: Fields
Rating: Awaiting 3 votes Added: 13 months ago
Downloads: 185 Last Updated: 13 months ago
License: Creative Commons Price: Free
Categories:
Screenshot

Nmap Scripted Input & Field Extraction

Want to put your Nmap output into Splunk? Check out this add-on, which will parse your grepable Nmap output into a scripted input and then perform some field extraction on the data.

Author: araitz Type: Scripted Inputs, Fields
Rating: Awaiting 3 votes Added: 13 months ago
Downloads: 240 Last Updated: 13 months ago
License: Creative Commons Price: Free
Categories:

WebLogic Event Types

Field Extractions and Event Types that match events coming from WebLogic 9.2 and WebLogic 10.0.

Author: Splunk Type: Event Types, Fields
Rating: Awaiting 3 votes Added: 13 months ago
Downloads: 82 Last Updated: 11 months ago
License: Creative Commons Price: Free
Categories:

CheckPoint OPSEC LEA Application

This application contains an OPSEC LEA application to drop into Splunk 3.0 or later, offering a client, event types, and field extractions. It functions on Linux and on Solaris with gmake and gcc installed. The application conforms with the Splunk application standard, meaning that it uses common field names for its data.

Author: Splunk Type: Scripted Inputs, Fields, Event Types, Clients
Rating: Awaiting 3 votes Added: 13 months ago
Downloads: 261 Last Updated: 5 months ago
License: Creative Commons Price: Free
Categories:
Screenshot

OSX Battery Monitor

Bundle for monitoring battery usage on an OSX based laptop.

Author: kordless Type: Inputs, Fields
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 217 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

Checkpoint Event Field Extraction

Search-time parsing of following fields: loc, time, action, orig, i/f_dir, i/f_name, has_accounting, uuid, product, src, dst, proto, rule

Author: goldburtd Type: Fields
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 112 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

Watchguard Firebox

Field Extractions for Watchguard Firebox

Author: araitz Type: Fields
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 122 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

WebLogic Access

Field Extractions for WebLogic HTTP Access Logs

Author: vly Type: Fields
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 53 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

Postfix main.cf field extractions

This Add-on extracts fields related to useful troubleshooting and configuration from the Postfix main.cf configuration file.

Author: deeann Type: Fields
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 72 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

twiki logs

Contains the basic extractions as well as some saved searches, reports, event types, and custom dashboard modules.

Author: nick Type: Searches, Reports, Fields, Event Types, Event Actions
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 110 Last Updated: 7 months ago
License: Creative Commons Price: Free
Categories:
Screenshot

Bladelogic NSH and Agent Logs

This bundle contains field extractions for the Bladelogic agent and nsh log files. Some sample reports are also included.

Author: will Type: Reports, Fields
Rating: Awaiting 3 votes Added: 11 months ago
Downloads: 43 Last Updated: 8 months ago
License: Creative Commons Price: Free
Categories: