Welcome to the new Splunkbase! To return to the old Splunkbase, click here.

Get more out of Splunk with applications

Trending Apps on Splunkbase

Splunk Add-on for Amazon Web Services (AWS) app icon
Splunk Add-on for Amazon Web Services (AWS)
By Splunk LLC
The Splunk Add-on for AWS, from version 7.0.0 and above, includes a merge of all the capabilities of the Splunk Add-on for Amazon Security Lake. This allows you to configure the Splunk Add-on for AWS to ingest data across all AWS data sources, facilitating the integration of AWS data into your Splunk platform deployment. If you use both the Splunk Add-on for Amazon Security Lake as well as the Splunk Add-on for AWS on the same Splunk instance, then you must uninstall the Splunk Add-on for Amazon Security Lake before upgrading the Splunk Add-on for AWS to version 7.0.0 or later in order to avoid any data duplication and discrepancy issues. __________________________________________________________________________________________________________ Ingesting data from AWS to Splunk Cloud? Have you tried the new Splunk Data Manager yet? Data Manager makes AWS data ingestion simpler, more automated and centrally managed for you, while co-existing with AWS and/or Kinesis TAs. Read our blog post to learn more about Data Manager and it’s availability on your Splunk Cloud instance: https://splk.it/3e9F863 __________________________________________________________________________________________________________ The Splunk Add-on for Amazon Web Services allows a Splunk software administrator to collect: * Configuration snapshots, configuration changes, and historical configuration data from the AWS Config service. * Metadata for your AWS EC2 instances, reserved instances, and EBS snapshots. * Compliance details, compliance summary, and evaluation status of your AWS Config Rules. * Assessment Runs and Findings data from the Amazon Inspector service. * Management and change events from the AWS CloudTrail service. * VPC flow logs and other logs from the CloudWatch Logs service. * Performance and billing metrics from the AWS CloudWatch service. * Billing reports that you have configured in AWS. * S3, CloudFront, and ELB access logs. * Generic data from your S3 buckets. * Generic data from your Kinesis streams. * Generic data from SQS. * Security events from Amazon Security Lake This add-on provides modular inputs and CIM-compatible knowledge to use with other apps, such as the Splunk App for AWS, Splunk Enterprise Security and Splunk IT Service Intelligence. Versions 5.0.0 and later of the Splunk Add-on for AWS is compatible only with Splunk Enterprise version 8.0.0 and above.
platform
Not Available
rating
(30)
Splunk Add-on for Amazon Web Services (AWS) support icon
splunk supported addon
Splunk Security Essentials app icon
Splunk Security Essentials
By Splunk LLC
Get started with Splunk for Security with Splunk Security Essentials (SSE). Explore security use cases and discover security content to start address threats and challenges. Security Content Library Find security content for Splunk Cloud and Splunk's SIEM and SOAR offerings and deploy out-of-the-box security detections and analytic stories to enhance your investigations and improve your security posture. Cybersecurity Frameworks Identify gaps in your defenses and take control of your security posture with automatic mapping of data and security detections to MITRE ATT&CK® and Cyber Kill Chain® framework. Data and Content Introspection Gain visibility of the data coming into your environment to add context and telemetry to security events. Enrich your security detections with metadata and tags from the Security Content Library. Security Data Journey Get prescriptive security and data recommendations and establish a data strategy to develop a security maturity roadmap. We have changed the security content delivery endpoint for ESCU to comply with Splunk guidance. This means that if you have SSE version 3.7.1 or lower, the last supported ESCU version is ESCU 4.22.0. In order to get the latest ESCU version, you will need to upgrade SSE to version 3.8.0. Learn more: Download the Product Brief : https://www.splunk.com/pdfs/product-briefs/splunk-security-essentials.pdf Try out Splunk Security Essentials: https://www.splunk.com/en_us/form/splunk-security-essentials-online-demo.html Check out the Documentation site: https://docs.splunk.com/Documentation/SSE
platform
Not Available
rating
(56)
Splunk Security Essentials support icon
splunk supported app
Splunk Machine Learning Toolkit app icon
Splunk Machine Learning Toolkit
By Splunk LLC
The Splunk Machine Learning Toolkit delivers new SPL commands, custom visualizations, assistants, and examples to explore a variety of ML concepts. Each assistant includes end-to-end examples with datasets, plus the ability to apply the visualizations and SPL commands to your own data. You can inspect the assistant panels and underlying code to see how it all works. MLTK Quick Reference Guide: https://docs.splunk.com/images/3/3f/Splunk-MLTK-QuickRefGuide-2019-web.pdf Assistants: * Predict Numeric Fields (Linear Regression): e.g. predict median house values. * Predict Categorical Fields (Logistic Regression): e.g. predict customer churn. * Detect Numeric Outliers (distribution statistics): e.g. detect outliers in IT Ops data. * Detect Categorical Outliers (probabilistic measures): e.g. detect outliers in diabetes patient records. * Forecast Time Series: e.g. forecast data center growth and capacity planning. * Cluster Numeric Events: e.g. cluster business anomalies to reduce noise. Smart Assistants (new assistants with revamped UI and better ml pipeline/experiment management): * Smart Forecasting Assistant:: e.g. forecasting app logons with special days. * Smart Outlier Detection Assistant: e.g. find anomalies in supermarket purchases. * Smart Clustering Assistant: e.g. cluster houses by property descriptions. * Smart Prediction Assistant: e.g. predict vulnerabilities in firewall data. Available on both on-premises and cloud. (c) Splunk 2024. All rights reserved.
platform
Not Available
rating
(38)
Splunk Machine Learning Toolkit support icon
splunk supported app

New Splunk Built and Supported Apps

Splunk App for Chargeback app icon
Splunk App for Chargeback
By Splunk LLC
The Splunk App for Chargeback aids customers in understand Splunk Virtual Compute (SVC) usage categorized by business units and departments, utilizing the identical SVC usage data available in the Cloud Monitoring Console (CMC) App within the customer's stack. To access bonus videos from conf23, click on the "Details" tab. IMPORTANT NOTES: 1. The document is now integrated into the app, accessible from the home dashboard. 2. For an optimal experience, consider installing the app independently. Search for "chargeback" among available apps, then click "Install" next to the Splunk App for Chargeback. Refer to the document on the home page for guidance. 3. If you're comfortable reviewing a slightly older document, visit this site: https://docs.splunk.com/Documentation/ChargebackApp/current/Use/Overview Description Splunk App for Chargeback provides an easy-to-use experience to analyze how internal business units are leveraging Splunk. The App provides the framework necessary for Chargeback and/or Showback use cases for: 1. Splunk Virtual Compute (SVC) 2. Dynamic Data: Active Searchable (DDAS) 3. Dynamic Data: Active Archive (DDAA) 4. Dynamic Data: Self-Storage (DDSS) 5. SmartStore The app provide the following functionally to all Splunk customers: - Framework for customers to build their own Chargeback and/or Showback models - Means to determine how many SVCs are allocated to various business units, departments, and users in those departments [Accounting]. - Means to automatically determine how Splunk Cloud stack resources are being used by the various business units [Utilization]. - Ability to drill-down and break down the usage starting at the highest level in the business all the way down to the user level - Ability to forecast SVC usage for the entire organization and by business unit using Splunk Machine Learning - Accurately maintained up-to-date list of identities along with corresponding Business Unit & Department information by way of indexing the data from a source like DB Connect or Active Directory ODS Support You can open an ODS request under task Install/Configure App or TA/Add-On in the support portal (https://www.splunk.com/pdfs/professional-services/splunk-ondemand-services-portal.pdf). Select after choosing Pick your Product = Splunk Core - Enterprise/Splunk Cloud. Enter under the subject/description that you need help configuring the Splunk App for Chargeback specifically. Feedback is always welcome and appreciated.
platform
Not Available
rating
(9)
Splunk App for Chargeback support icon
splunk supported app

Splunkbase Collections

Getting Started with Cisco Apps

24 solutions

See the power of Cisco + Splunk with these improved apps for Security and Observability

Collection icon

Getting Started with AI

9 solutions

These Machine Learning and AI powered apps and assistants give you the power of Machine Learning for common use cases with just a couple of clicks.

Collection icon

Pipeline Analytics for DevOps

13 solutions

Create visibility across your software development lifecycle

Collection icon

Detection and Response

31 solutions

Collect data across multiple security layers and manage threats quickly. Provide comprehensive protection for your organization.

Collection icon

Accenture Cloud Services

3 solutions

Get to value faster with Cloud First.

Collection icon

Getting Started with Security

15 solutions

These are the best apps to help you get started with security.

Collection icon

Most popular Splunk Cloud Apps

Splunk Add-on for Amazon Web Services (AWS) app icon
Splunk Add-on for Amazon Web Services (AWS)
By Splunk LLC
The Splunk Add-on for AWS, from version 7.0.0 and above, includes a merge of all the capabilities of the Splunk Add-on for Amazon Security Lake. This allows you to configure the Splunk Add-on for AWS to ingest data across all AWS data sources, facilitating the integration of AWS data into your Splunk platform deployment. If you use both the Splunk Add-on for Amazon Security Lake as well as the Splunk Add-on for AWS on the same Splunk instance, then you must uninstall the Splunk Add-on for Amazon Security Lake before upgrading the Splunk Add-on for AWS to version 7.0.0 or later in order to avoid any data duplication and discrepancy issues. __________________________________________________________________________________________________________ Ingesting data from AWS to Splunk Cloud? Have you tried the new Splunk Data Manager yet? Data Manager makes AWS data ingestion simpler, more automated and centrally managed for you, while co-existing with AWS and/or Kinesis TAs. Read our blog post to learn more about Data Manager and it’s availability on your Splunk Cloud instance: https://splk.it/3e9F863 __________________________________________________________________________________________________________ The Splunk Add-on for Amazon Web Services allows a Splunk software administrator to collect: * Configuration snapshots, configuration changes, and historical configuration data from the AWS Config service. * Metadata for your AWS EC2 instances, reserved instances, and EBS snapshots. * Compliance details, compliance summary, and evaluation status of your AWS Config Rules. * Assessment Runs and Findings data from the Amazon Inspector service. * Management and change events from the AWS CloudTrail service. * VPC flow logs and other logs from the CloudWatch Logs service. * Performance and billing metrics from the AWS CloudWatch service. * Billing reports that you have configured in AWS. * S3, CloudFront, and ELB access logs. * Generic data from your S3 buckets. * Generic data from your Kinesis streams. * Generic data from SQS. * Security events from Amazon Security Lake This add-on provides modular inputs and CIM-compatible knowledge to use with other apps, such as the Splunk App for AWS, Splunk Enterprise Security and Splunk IT Service Intelligence. Versions 5.0.0 and later of the Splunk Add-on for AWS is compatible only with Splunk Enterprise version 8.0.0 and above.
platform
Not Available
rating
(30)
Splunk Add-on for Amazon Web Services (AWS) support icon
splunk supported addon
Splunk Machine Learning Toolkit app icon
Splunk Machine Learning Toolkit
By Splunk LLC
The Splunk Machine Learning Toolkit delivers new SPL commands, custom visualizations, assistants, and examples to explore a variety of ML concepts. Each assistant includes end-to-end examples with datasets, plus the ability to apply the visualizations and SPL commands to your own data. You can inspect the assistant panels and underlying code to see how it all works. MLTK Quick Reference Guide: https://docs.splunk.com/images/3/3f/Splunk-MLTK-QuickRefGuide-2019-web.pdf Assistants: * Predict Numeric Fields (Linear Regression): e.g. predict median house values. * Predict Categorical Fields (Logistic Regression): e.g. predict customer churn. * Detect Numeric Outliers (distribution statistics): e.g. detect outliers in IT Ops data. * Detect Categorical Outliers (probabilistic measures): e.g. detect outliers in diabetes patient records. * Forecast Time Series: e.g. forecast data center growth and capacity planning. * Cluster Numeric Events: e.g. cluster business anomalies to reduce noise. Smart Assistants (new assistants with revamped UI and better ml pipeline/experiment management): * Smart Forecasting Assistant:: e.g. forecasting app logons with special days. * Smart Outlier Detection Assistant: e.g. find anomalies in supermarket purchases. * Smart Clustering Assistant: e.g. cluster houses by property descriptions. * Smart Prediction Assistant: e.g. predict vulnerabilities in firewall data. Available on both on-premises and cloud. (c) Splunk 2024. All rights reserved.
platform
Not Available
rating
(38)
Splunk Machine Learning Toolkit support icon
splunk supported app
Splunk Security Essentials app icon
Splunk Security Essentials
By Splunk LLC
Get started with Splunk for Security with Splunk Security Essentials (SSE). Explore security use cases and discover security content to start address threats and challenges. Security Content Library Find security content for Splunk Cloud and Splunk's SIEM and SOAR offerings and deploy out-of-the-box security detections and analytic stories to enhance your investigations and improve your security posture. Cybersecurity Frameworks Identify gaps in your defenses and take control of your security posture with automatic mapping of data and security detections to MITRE ATT&CK® and Cyber Kill Chain® framework. Data and Content Introspection Gain visibility of the data coming into your environment to add context and telemetry to security events. Enrich your security detections with metadata and tags from the Security Content Library. Security Data Journey Get prescriptive security and data recommendations and establish a data strategy to develop a security maturity roadmap. We have changed the security content delivery endpoint for ESCU to comply with Splunk guidance. This means that if you have SSE version 3.7.1 or lower, the last supported ESCU version is ESCU 4.22.0. In order to get the latest ESCU version, you will need to upgrade SSE to version 3.8.0. Learn more: Download the Product Brief : https://www.splunk.com/pdfs/product-briefs/splunk-security-essentials.pdf Try out Splunk Security Essentials: https://www.splunk.com/en_us/form/splunk-security-essentials-online-demo.html Check out the Documentation site: https://docs.splunk.com/Documentation/SSE
platform
Not Available
rating
(56)
Splunk Security Essentials support icon
splunk supported app

Most popular SOAR Connectors

Not finding the perfect app? Build it!

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community.