What is it?
The Search Add-On for Shodan is a Splunk Search Add-On by Hurricane Labs
for interacting with the Shodan REST API.
This app should be installed on a Splunk Search Head. There is a web-based
setup screen where you should fill in your Shodan API key.
This command is a generating command, meaning it should be used at the start
of your search, like so:
    | shodan 127.0.0.1
It supports the full Shodan query syntax.
Please see the file called LICENSE. In addition, this Add-On is bundled with
the Requests Python Library, which is distributed under the terms of the
license found in the file LICENSE.requests.
Feature requests, bug reports and support questions (provided on a best-effort basis only) can be sent to firstname.lastname@example.org.
- Improved README. Added example usage for | shodan command.
- Tested on 7.1
- Added searchbnf.conf for contextual help in search.
- Added max_pages parameter. Set this in order to consume more than 100 results per query.
  WARNING: For each page consumed past the first one, you will lose a query credit.
  Use this option at your own risk!
- Removed Requests library. No longer necessary.