Security Inputs Applications
Want to define new inputs for your Splunk server?
Input Applications let you download pre-made definitions for bringing even more data into your Splunk server. Or, you can share your own! Along with those definitions, since Applications allow you to include more than one type of content, you can roll together a complete solution for a particular situation or program.
Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Application(s) to extend your server.
Featured Application:
Splunk for Network Security
Sancp/Sguil Add-on
This bundle indexes sancp logs when sancp is patched with the sguil output patch, extracts the fields, and then sends them to a processor that converts the decimal IP addresses to dotted format.
Splunk for Network Security
The Splunk Network Security application offers a set of reports, saved searches, dashboards, and corresponding alerts that you can use to monitor your firewalls, intrusion detection and prevention systems, and operating systems.
Splunk for tcpdump
This application allows you to collect data from tcpdump standard output directly into Splunk. It also performs the necessary field extractions based on the Common Information Model. This application is compliant with the 3.3.x standard.