Splunk App for AWS
The Splunk App for AWS (Amazon Web Services) gives you critical operational and security insight into your Amazon Web Services account. The app includes:
* A pre-built knowledge base of dashboards, reports, and alerts that deliver real-time visibility into your environment.
* Easy-to-configure data inputs for your Config, CloudTrail, CloudWatch, VPC Flow Logs, Billing, and S3 data.
* A logical topology dashboard that displays your entire AWS infrastructure to help you optimize resources and detect problems.
* CIM-compliant fields and tags so that you can integrate your AWS data with your other infrastructure and security data sources.
Optiv Threat Intel
Overview: Optiv Threat Intel is a Splunk App that automatically correlates your data with several popular open threat lists. After a few mouse clicks we can start hunting for log sources that are reaching out to, or being attacked from, known attackers. The app can provide increased visibility into potentially malicious activity going on in the organization.
Features:
* Threat list visualization that shows where most of the attackers are located on a globe.
* Easily choose indexes, sourcetypes, or hosts for log entries that match threat list destination IPs, URLs and domains.
* Email alerting feature to notify you of a threat list match that is correlated against your organization's machine data.
* IP search feature that displays threat list activity.
* Domain search feature that displays threat list activity.
* RSS feed which will poll several information security news sites and consolidate the stories on one page.
* Updated information is pulled down from the web every 8 hours.
Splunk Add-on for Unix and Linux
The Splunk Technology Add-on for Unix and Linux works with the Splunk App for Unix and Linux to provide rapid insights and operational visibility into large-scale Unix and Linux environments. With its new pre-packaged alerting capability, flexible service-based host grouping, and easy management of many data sources, it arms administrators with a powerful ability to quickly identify performance and capacity bottlenecks and outliers in Unix and Linux environments.