• This repository has been archived on 21/Apr/2023
  • Stars: 21
  • Rank 1,084,038 (Top 22 %)
  • Language: Puppet
  • License: MIT License
  • Created about 9 years ago
  • Updated over 2 years ago

Repository Details

Deploy Splunk instances on Windows and Linux in simple, distributed or (multisite) clustered topologies. Demoed by Splunk at .conf2017

More Repositories

1. EDRevals (16 stars)
   Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard Spider + Sandworm)

2. TA-dmarc (Python, 15 stars)
   Add-on for ingesting DMARC aggregate reports into Splunk

3. TA-defender-atp-hunting (Python, 8 stars)
   Add-on to onboard telemetry data via Microsoft Defender ATP hunting API in Splunk (ES)

4. TA-ad-assets-identities (Python, 7 stars)
   Dump all users, groups and computers from an Active Directory domain into an asset and identities lookup usable by Splunk Enterprise Security.

5. TA-netflow-logstash (4 stars)
   CIM compliant TA to enable Netflow v5, v9 and IPFIX events in Splunk (Enterprise Security)

6. TA-bro-ids (3 stars)
   CIM compliant TA to enable Bro IDS events in Splunk

7. TA-oscap-oval (XSLT, 2 stars)
   TA for evaluating RHEL and SLES OVAL definitions for Splunk

8. TA-p0f (2 stars)
   TA-p0f (passive os fingerprinting tool) for Splunk

9. TA-vsftpd (2 stars)
   CIM compliant TA to enable vsftpd events in Splunk (Enterprise Security)

10. TA-mbsa (Batchfile, 2 stars)
    Microsoft Baseline Security Analyzer add-on for Splunk

11. TA-skybox (Python, 2 stars)
    Technical add-on for Splunk to query Skybox Security API

12. nessus2json (Python, 1 star)
    Convert Nessus XML export to JSON for use in Tableau or Power BI

13. TA-mysql-audit (1 star)
    MySQL audit add-on for Splunk

14. TA-suricata (1 star)
    CIM compliant TA to enable Suricata events in Splunk (Enterprise Security)

15. TA-messagetracking-for-cisco-esa (1 star)
    Convert cisco:esa:textmail logs into clean message tracking events with rich metadata for Splunk Enterprise Security

16. TA-windows-filtering-platform (1 star)
    CIM compliant TA to enable Windows firewall events (5156)

17. TA-w32time (1 star)
    TA-w32time for Splunk