Networking Fields Applications

Want to custom-define fields in your events?

Field Applications let you download field definitions to install in your Splunk server, or share fields you made yourself! Even better, an Application can have more than one type of content, so you can add fields to any Application.

Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.

Splunk for CISCO PIX

Cisco PIX firewall log bundle that indexes and extracts common fields, normalizing PIX firewall logs so they are Splunk-compliant and will work with other Splunk applications.

Author: Splunk Type: Searches, Reports, Fields, Event Types
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 1,563 Last Updated: 1 month ago
License: Creative Commons Price: Free
Categories:

IPFW Firewall

This application contains field extractions and eventtypes for IPFW firewall log files.

Author: raffy Type: Fields
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 178 Last Updated: 2 months ago
License: Creative Commons Price: Free
Categories:

OpenBSD Packet Filter

This bundle contains field extractions and eventtypes for OpenBSD firewall events.

Author: raffy Type: Fields
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 152 Last Updated: 2 months ago
License: Creative Commons Price: Free
Categories:

nscreen

This bundle is for field extraction and reporting on NetScreen firewalls.

Author: jon Type: Fields, Searches
Rating: Awaiting 3 votes Added: 14 months ago
Downloads: 533 Last Updated: 7 months ago
License: Creative Commons Price: Free
Categories:

CheckPoint OPSEC LEA Application

This application contains an OPSEC LEA application to drop into Splunk 3.0 or later, offering a client, event types, and field extractions. It functions on Linux and on Solaris with gmake and gcc installed. The application conforms with the Splunk application standard, meaning that it uses common field names for its data.

Author: Splunk Type: Scripted Inputs, Fields, Event Types, Clients
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 251 Last Updated: 5 months ago
License: Creative Commons Price: Free
Categories:

Checkpoint Event Field Extraction

Search-time parsing of the following fields: loc, time, action, orig, i/f_dir, i/f_name, has_accounting, uuid, product, src, dst, proto, rule

Author: goldburtd Type: Fields
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 110 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

Watchguard Firebox

Field Extractions for Watchguard Firebox

Author: araitz Type: Fields
Rating: Awaiting 3 votes Added: 12 months ago
Downloads: 114 Last Updated: 12 months ago
License: Creative Commons Price: Free
Categories:

Sonicwall Firewall

This bundle performs field extractions for the SonicWall TZ 170 without the UTM/IDS modules.

Author: araitz Type: Fields
Rating: Awaiting 3 votes Added: 10 months ago
Downloads: 113 Last Updated: 10 months ago
License: Creative Commons Price: Free
Categories:

iptables fields, inputs, and event types

This add-on applies to iptables firewall logs, normalizing their field names so they work well with other Splunk applications.

Author: Splunk Type: Inputs, Fields, Event Types
Rating: Awaiting 3 votes Added: 9 months ago
Downloads: 296 Last Updated: 9 months ago
License: Creative Commons Price: Free
Categories:

Splunk for tcpdump

This application will allow you to collect data from tcpdump standard output directly into Splunk. It will also perform the necessary field extractions based on the Common Information Model. This application is compliant with the 3.3.x standard.

Author: rataide Type: Scripted Inputs, Inputs, Fields
Rating: Awaiting 3 votes Added: 21 days ago
Downloads: 74 Last Updated: 21 days ago
License: Creative Commons Price: Free
Categories: