Technologies Fields Applications
Want to custom-define fields in your events?
Field Applications let you download field definitions to install in your Splunk server, or share fields you made yourself! Even better, an Application can have more than one type of content, so you can add fields to any Application.
Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.
Splunk for UNIX
The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. In addition, the application also ships with a set of scripted inputs that can be used to monitor UNIX machines. Inputs like top, ps, vmstat, and netstat are supported.
Arkeia
Arkeia Network Backup bundle, used to index the common fields from the backup log file to make searching and reporting easier.
Cisco Pix Firewall Log Bundle
Cisco PIX firewall log bundle that indexes and extracts common fields, normalizing PIX firewall logs so they are Splunk-compliant and will work with other Splunk applications.
IPFW - Field Definitions
This bundle contains field extractions for IPFW firewall log files.
PF - Field Definitions
This bundle contains field definitions for OpenBSD firewall events.
Nessus Bundle
This bundle extracts the common fields from a Nessus Vulnerability Scanner log file, such as the hostname, port, script id, and type.
nscreen
This bundle is for field extraction and reporting on NetScreen firewalls.
Ironport field extractions
Provides file classification, date extraction, and extractions for ironport data.
Web Page Monitor
This bundle will check a set of web pages every interval and index the result, time, size, and optionally the content and/or CRC of the page(s). It's cool to do searches to see when your pages change, take long to load, or many other cool things.
adds support for anonymizing log files at index time
Anonymizes IP addresses as 127.0.0.1 (localhost); email addresses as user@domain.com; social security numbers as 555-00-0000; password/passwd-looking values as 'password'; username/userid/login/user-looking values as 'bob'.
Snort fields
Extracts Snort 2.6 fields, which can be used in reporting.
Nmap Scripted Input & Field Extraction
Want to put your Nmap output into Splunk? Check out this add-on, which will parse your grepable Nmap output into a scripted input and then perform some field extraction on the data.
WebLogic Event Types
Field Extractions and Event Types that match events coming from WebLogic 9.2 and WebLogic 10.0.
CheckPoint OPSEC LEA Application
This application contains an OPSEC LEA application to drop into Splunk 3.0 or later, offering a client, event types, and field extractions. It functions on Linux and on Solaris with gmake and gcc installed. The application conforms with the Splunk application standard, meaning that it uses common field names for its data.
OSX Battery Monitor
Bundle for monitoring battery usage on an OSX-based laptop.
Checkpoint Event Field Extraction
Search-time parsing of the following fields: loc, time, action, orig, i/f_dir, i/f_name, has_accounting, uuid, product, src, dst, proto, rule.
Watchguard Firebox
Field Extractions for Watchguard Firebox
WebLogic Access
Field Extractions for WebLogic HTTP Access Logs
Postfix main.cf field extractions
This Add-on extracts fields related to useful troubleshooting and configuration from the Postfix main.cf configuration file.
twiki logs
Contains the basic extractions as well as some saved searches, reports, event types, and custom dashboard modules.
Bladelogic NSH and Agent Logs
This bundle contains field extractions for the Bladelogic agent and nsh log files. Some sample reports are also included.
Sonicwall Firewall
This bundle performs field extractions for the SonicWall TZ 170 without the UTM/IDS modules.
Exchange fields and inputs
This add-on applies to Microsoft Exchange event tracking logs, bringing their field names into compliance with the Splunk interface standard (see http://www.splunkbase.com/howtos/Splunk/howto:Understanding_Splunk's_interface_standards).
iptables fields, inputs, and event types
This add-on applies to iptables firewall logs, normalizing their field names so they work well with other Splunk applications.
Netcache fields, inputs, and event types
This add-on normalizes Netcache fields so that other Splunk applications understand them.