Warning

This app is archived.

Security Query based App for NetWitness Packets

This Splunk app connects to a NetWitness Concentrator/Broker via REST API. It polls the NetWitness device regularly to collect new session metadata, based on the provided query, to be indexed by Splunk. It tries to use the Common Information Model for most of the fields.

Latest Version 0.9.5
July 14, 2022
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 3.x
Support
Not Supported
For install and configuration instructions, check README.txt after extracting the app to $SPLUNK_HOME/etc/apps/.

Created By

Rui Ataide

Type

app

Downloads

1,824
