raffy

This new search processor enables the generation of link graphs through Splunk. Make sure you follow the instructions in the README (once installed, located in etc/apps/afterglow) to configure the application!

CEF or the common event format is an event interoperability standard, defining a common syntax for communication among log generating devices and applications. This is an add-on to extract the fields of CEF messages.

This bundle adds new field actions for IP addresses to locate the geographic origin of a connection.

This bundle contains field definitions for OpenBSD firewall events.

This bundle contains field extractions for IPFW firewall log files.