The Archive supports a collection of apps for Splunk prior to version 4.0. Browse the menu at left to find apps or add-ons by the category of solution they provide or the Splunk function they're built for. To learn more about installing apps in Splunk 3.x, check the Adminstration Manual for your version.
Field apps let you download field definitions to install in your Splunk server, or share fields you made yourself! Even better, an app can have more than one type of content, so you can add fields to any app.
Search-time parsing of following fields: loc, time, action, orig, i/f_dir, i/f_name, has_accounting, uuid, product, src, dst, proto, rule
This application contains an OPSEC LEA application to drop into Splunk 3.3 or later, offering a client, event types, and field extractions. This version is compiled for Solaris. The application conforms with the Splunk common information model, meaning that it uses common field names for its data.
This application contains an OPSEC LEA application to drop into Splunk 3.3 or later, offering a client, event types, and field extractions. This version is compiled for Solaris. The application conforms with the Splunk common information model, meaning that it uses common field names for its data.