http://www.splunkbase.com/feed/apps.rss/Fields Latest SplunkBase Applications filtered by Fields Splunk Fri, 05 Sep 2008 23:26:14 +0000 http://www.splunkbase.com/apps/Fields/app:Splunk+for+Change+Management 95d9940cef25692b9483d352c8ed494c Splunk for Change Management provides predefined reports and dashboards to facilitate change auditing, change detection, change reporting, change validation and incident response based on change events, change tickets and configuration files. Splunk Thu, 04 Sep 2008 23:47:13 +0000 http://www.splunkbase.com/apps/Fields/app:Splunk+for+Network+Security 8a48676a95f0f7c3a5c567aa9f159b0e The Splunk Network Security application offers a set of reports, saved searches, and dashboards, as well as corresponding alerts that you can use to monitor your firewalls, intrusion detection and prevention systems, as well as operating systems. Splunk Thu, 04 Sep 2008 16:51:01 +0000 http://www.splunkbase.com/apps/Fields/app:Splunk+for+CISCO+PIX 740e6413701ddc9ceccf7ac81e2f90c6 Cisco PIX firewall log bundle that indexes and extracts common fields, normalizing PIX firewall logs so they are Splunk-compliant and will work with other Splunk applications. Splunk Thu, 21 Aug 2008 18:30:59 +0000 http://www.splunkbase.com/apps/Fields/app:Splunk+for+UNIX 94bc942e8cd8c90bf64d566700735e5d The Splunk for UNIX application is a compilation of a dashboard, saved searches, eventtypes, and field extractions that work for various flavors of UNIX. In addition, the application also ships with a set of scripted inputs that can be used to monitor UNIX machines. Inputs like top, ps, vmstat, and netstat are supported. Splunk Wed, 20 Aug 2008 18:31:47 +0000 http://www.splunkbase.com/apps/Fields/app:Splunk+for+Snort c4de85d8c07f02e7aae87c5d2cf2f925 This application applies to Snort alert logs, bringing their field names into compliance with the Splunk interface standard (see http://www.splunkbase.com/howtos/Splunk/howto:Understanding_Splunk's_interface_standards). raffy Mon, 18 Aug 2008 23:24:52 +0000 http://www.splunkbase.com/apps/Fields/app:OpenBSD+Packet+Filter 2f14c07247b6405bdfd89eccd3029a13 This bundle contains field extractions and eventtypes for OpenBSD firewall events. raffy Mon, 18 Aug 2008 23:21:49 +0000 http://www.splunkbase.com/apps/Fields/app:IPFW+Firewall 916954b39e6fa95fba91c6ba82c82f95 This application contains field extractions and eventtypes for IPFW firewall log files. erik Fri, 15 Aug 2008 03:17:24 +0000 http://www.splunkbase.com/apps/Fields/app:Web+Page+Monitor 9f5cf71efea79575dcb8050cb6518d02 This bundle will check a set of webpages every interval and index the result, time, size and optionally content and or crc of page(s). Its cool to do searches to see when your pages change, take long to load, or many other cool things. rataide Thu, 10 Jul 2008 18:58:23 +0000 http://www.splunkbase.com/apps/Fields/app:Squid+Web+Proxy 28b667bd334e8ba8a3d4e9759d5b1d12 == Squid Application == This application will provide additional field extractions for Squid Proxy Server access_log files == Using Squid Application == At search time the following additional fields will be available: - duration - clientip - action - http_status - bytes - method - uri - proto - uri_host - uri_port - uri_path - username - hierarchy - server_ip - content_type Splunk Wed, 28 May 2008 22:12:24 +0000 http://www.splunkbase.com/apps/Fields/app:Splunk+for+Citrix+XenServer+Management 931cc18d8db03fec361e7e2dfd2c99bd This Splunk application manages Citrix XenServers. It includes inputs, indexing, searches, reports, dashboards and field actions. Splunk Fri, 16 May 2008 23:30:02 +0000 http://www.splunkbase.com/apps/Fields/app:CheckPoint+OPSEC+LEA+Application 3d146d4b3b3e0cb8086f5f952a40e868 This application contains an OPSEC LEA application to drop into Splunk 3.0 or later, offering a client, event types, and field extractions. It functions on Linux and on Solaris with gmake and gcc installed. The application conforms with the Splunk application standard, meaning that it uses common field names for its data. nick Wed, 05 Mar 2008 21:37:27 +0000 http://www.splunkbase.com/apps/Fields/app:twiki+logs 5a4fe80afcf0571e3f24ed6bf20bf0ae Contains the basic extractions as well as some saved searches, reports, event types, and custom dashboard modules. jon Tue, 04 Mar 2008 00:49:02 +0000 http://www.splunkbase.com/apps/Fields/app:nscreen ed90be4ca3bd609a480731d22e9e2bcf This bundle is for field extraction and reporting on netscreen firewalls will Mon, 03 Mar 2008 21:42:42 +0000 http://www.splunkbase.com/apps/Fields/app:Bladelogic+NSH+and+Agent+Logs 29db097c416a52e8bcb94a860b4ea713 This bundle contains field extractions for the Bladelogic agent and nsh log files. Some sample reports are also included. btrnoc Fri, 15 Feb 2008 09:08:41 +0000 http://www.splunkbase.com/apps/Fields/app:Juniper+SSG+%28aka+Netscreen%29+blocked+URL+search+fields fb19f86c89e0238a5ab536c7fa6fad3f Juniper SSG (aka Netscreen) log that indexes and extracts URL blocked entries, such as source and destination addresses, URL and category Splunk Mon, 14 Jan 2008 18:36:24 +0000 http://www.splunkbase.com/apps/Fields/app:Windows+logs+through+Snare+fields%2C+inputs%2C+and+event+types d1622685eb55d92d97a3d0883d347583 This add-on applies to Windows logs captured through Snare, bringing their field names into compliance with the Splunk interface standard (see http://www.splunkbase.com/howtos/Splunk/howto:Understanding_Splunk's_interface_standards). Splunk Mon, 14 Jan 2008 18:33:07 +0000 http://www.splunkbase.com/apps/Fields/app:Sendmail+fields%2C+inputs%2C+and+event+types e6e1c2112286c360aa09c203dcdad2ab This add-on applies to Sendmail logs, bringing their field names into compliance with the Splunk interface standard (see http://www.splunkbase.com/howtos/Splunk/howto:Understanding_Splunk's_interface_standards). Splunk Mon, 14 Jan 2008 18:30:11 +0000 http://www.splunkbase.com/apps/Fields/app:Netcache+fields%2C+inputs%2C+and+event+types 3dda8837097357ffcdb02b8489237812 This add-on normalizes Netcache fields so that other Splunk applications understand them. Splunk Mon, 14 Jan 2008 18:22:47 +0000 http://www.splunkbase.com/apps/Fields/app:iptables+fields%2C+inputs%2C+and+event+types 8e50a9451bd5816f9724fa6f991c34f5 This add-on applies to iptables firewall logs, normalizing their field names so they work well with other Splunk applications. Splunk Mon, 14 Jan 2008 18:22:06 +0000 http://www.splunkbase.com/apps/Fields/app:Exchange+fields+and+inputs c3c01540d9e1f1909b49230ea3661d5c This add-on applies to Microsoft Exchange event tracking logs, bringing their field names into compliance with the Splunk interface standard (see http://www.splunkbase.com/howtos/Splunk/howto:Understanding_Splunk's_interface_standards). araitz Wed, 19 Dec 2007 01:31:17 +0000 http://www.splunkbase.com/apps/Fields/app:Sonicwall+Firewall 744dc2c0b92faad8233e35bda951406b This bundle performs field extractions for sonicwall TZ 170 without the UTM/IDS modules raffy Thu, 06 Dec 2007 02:11:28 +0000 http://www.splunkbase.com/apps/Fields/app:Common+Event+Format+-+Field+Extractions e9265533eac559bd2aa0f535fcb64c09 CEF or the common event format is an event interoperability standard, defining a common syntax for communication among log generating devices and applications. This is an add-on to extract the fields of CEF messages. Splunk Tue, 06 Nov 2007 23:24:42 +0000 http://www.splunkbase.com/apps/Fields/app:WebLogic+Event+Types 1ecc7a19fb8c03170fe6510af75727db Field Extractions and Event Types that match events coming from WebLogic 9.2 and WebLogic 10.0. deeann Thu, 18 Oct 2007 23:08:37 +0000 http://www.splunkbase.com/apps/Fields/app:Postfix+main.cf+field+extractions 21d2c0fe14ab80e15824e2d4fb820067 This Add-on extracts fields related to useful troubleshooting and configuration from the Postfix main.cf configuration file. araitz Fri, 12 Oct 2007 16:53:07 +0000 http://www.splunkbase.com/apps/Fields/app:Watchguard+Firebox e2ee1fedc52b4d333682a90057c29666 Field Extractions for Watchguard Firebox vly Fri, 12 Oct 2007 06:51:05 +0000 http://www.splunkbase.com/apps/Fields/app:WebLogic+Access 2fe0038ae954def137a22b7e57a06b98 Field Extractions for WebLogic HTTP Access Logs goldburtd Tue, 09 Oct 2007 16:43:50 +0000 http://www.splunkbase.com/apps/Fields/app:Checkpoint+Event+Field+Extraction 2972347cfd6e27f50e215dc9c070df32 Search-time parsing of following fields: loc, time, action, orig, i/f_dir, i/f_name, has_accounting, uuid, product, src, dst, proto, rule kordless Mon, 08 Oct 2007 01:19:21 +0000 http://www.splunkbase.com/apps/Fields/app:OSX+Battery+Monitor d1dfec17085c80fbfb05090fd54a1548 Bundle for monitoring battery usage on an OSX based laptop. BSplunk Mon, 01 Oct 2007 17:05:39 +0000 http://www.splunkbase.com/apps/Fields/app:Brian%27s+valgrind+bundle 88d83453e8b02fdb2e84a491c7d25ab6 aggregates and extracts information from valgrind logs BSplunk Mon, 01 Oct 2007 17:05:18 +0000 http://www.splunkbase.com/apps/Fields/app:Brian%27s+crash+report+log+bundle b294d9e6a2e0c4b062d18d02650f791e Aggregates and extracts useful information from osx crash reporter logs. mfratto Mon, 01 Oct 2007 14:36:44 +0000 http://www.splunkbase.com/apps/Fields/app:Snort+fields 786e4729ca04060a32e4dee2ba912b4d Extracts snort 2.6 fields which can be used in reporting. araitz Fri, 28 Sep 2007 01:13:34 +0000 http://www.splunkbase.com/apps/Fields/app:Nmap+Scripted+Input+%26+Field+Extraction 94b5178420bfbcd37d4201914be5ac85 Want to put your Nmap output into Splunk? Check out this add-on, which will parse your grepable Nmap output into a scripted input and then perform some field extraction on the data. maverick Fri, 07 Sep 2007 04:20:12 +0000 http://www.splunkbase.com/apps/Fields/app:Nessus+Bundle 761b6685ad2bb1f397ab50934bd0affe This bundle extracts the common fields from a Nessus Vulnerability Scanner log file, such as the hostname, port, script id, and type. maverick Fri, 07 Sep 2007 04:18:53 +0000 http://www.splunkbase.com/apps/Fields/app:Negative+Searching+Demo+Bundle 5c0f7184d8c648bae1e1991d91f83aef This bundle, created jointly by Maverick and Stephen Sorkin, demonstrates a way to perform negative searches by indexing known patterns and catching anomalous patterns into a separate index. maverick Fri, 07 Sep 2007 04:16:47 +0000 http://www.splunkbase.com/apps/Fields/app:Arkeia 3b217e3bda333d2eb467cb0dd83ad7ff Arkeia Network Backup Bundle used to index the common fields from the backup log file to make searching and reporting easier. carasso Mon, 20 Aug 2007 01:23:57 +0000 http://www.splunkbase.com/apps/Fields/app:adds+support+for+anonymizing+log+files+at+index+time 68d72996a68ce809bc4d3c7b54916d9e anonymizes ip address as 127.0.0.1 (localhost); email addresses as user@domain.com ; social-security-numbers as 555-00-0000; password/passwd looking values as 'password' ; username/userid/login/user looking values as 'bob'. ssorkin Fri, 17 Aug 2007 20:07:35 +0000 http://www.splunkbase.com/apps/Fields/app:Ironport+field+extractions 54b9c491e0030048e9dc8718f26927d9 Provides file classification, date extraction, and extractions for ironport data.