rataide

This search script will add additional information from a CSV file to your events. Changelog: v1.2 - Now includes basic error checking and additional fixes for malformed CSV files

This application will allow you to collect data from a tcpdump standard output directly into Splunk, it will also perform the necessary field extractions based on the Common Information Model This application is compliant with the 3.3.x standard.

This search script (nslookup.py) will perform reverse name lookup on every IP from an event at search time.

== Squid Application == This application will provide additional field extractions for Squid Proxy Server access_log files == Using Squid Application == At search time the following additional fields will be available: - duration - clientip - action - http_status - bytes - method - uri - proto - uri_host - uri_port - uri_path - username - hierarchy - server_ip - content_type