Security Applications

Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Applications(s) to extend your server.

More...

Screenshot

AfterGlow Graphing

This new search processor enables the generation of link graphs through Splunk. Make sure you follow the instructions in the README (once installed, located in etc/apps/afterglow) to configure the application!

Author: raffy Type: Searches, Search Commands, Event Actions
Rating:
(3 votes)
 Added: 12 months ago
Downloads: 1,025 Last Updated: 6 days ago
License: Creative Commons Price: Free
Categories:

Common Event Format - Field Extractions

CEF or the common event format is an event interoperability standard, defining a common syntax for communication among log generating devices and applications. This is an add-on to extract the fields of CEF messages.

Author: raffy Type: Fields
Rating: Awaiting 3 votes Added: 9 months ago
Downloads: 72 Last Updated: 9 months ago
License: Creative Commons Price: Free
Categories:

Sancp/Sguil Add-on

This bundle indexes sancp logs when sancp is patched with the sguil output patch, extracts the fields, then sends to a processor which converts the decimal IP addresses to dotted format.

Author: araitz Type: Inputs, Custom Processing
Rating: Awaiting 3 votes Added: 8 months ago
Downloads: 14 Last Updated: 8 months ago
License: Creative Commons Price: Free
Categories:

Sonicwall Firewall

This bundle performs field extractions for sonicwall TZ 170 without the UTM/IDS modules

Author: araitz Type: Fields
Rating: Awaiting 3 votes Added: 8 months ago
Downloads: 45 Last Updated: 8 months ago
License: Creative Commons Price: Free
Categories:

Syslog Priority Decoder

this searchscript converts syslog priority into the appropriate severity and facility.

Author: kbains Type: Search Commands
Rating: Awaiting 3 votes Added: 3 months ago
Downloads: 55 Last Updated: 3 months ago
License: Creative Commons Price: Free
Categories: