A Splunk Application to get insight from your Digital Guardian implementation.
Digital Guardian offers security’s most technologically advanced endpoint agent. Only Digital Guardian ends data theft by protecting sensitive data from skilled insiders and persistent outside attackers.
The Digital Guardian App for Splunk Enterprise lets customers understand risks to sensitive data across the enterprise from insider and outsider threats and respond appropriately. Users can improve incident response and investigation times by leveraging Splunk’s enterprise search capabilities across Digital Guardian event and alert data. The App includes an Add-on which brings Digital Guardian events and alerts into Splunk Enterprise. The Add-on is designed for Digital Guardian 7.0.0 and above. For use with previous versions please contact Digital Guardian.
The Digital Guardian App for Splunk Enterprise includes seven dashboards that visualize Digital Guardian events and alerts with advanced abilities to drill down and filter data to pinpoint threats, investigate and respond. Dashboards include:
2.0.3 - 2/8/2018
* Fixed file permissions
2.0.1 - 2/23/2017
* Updated README
2.0.0 - 2/10/2017
* Updated for use with Splunk 6.5 and later.
* Can be used with Splunk 6.4.x, but backward compatibility before that is not guaranteed.
* Bug Fixes
* Requires Digital Guardian 7.0.0 or above
Version 1.3.0 of the Digital Guardian App for Splunk Enterprise includes the following new changes:
* Moved lookups to TA
* Added Investigation Page
* Added Email and NTU pages
* Bug Fixes
1.2.5 - 1/15/2015
* Fixed issue with Drive Type Lookups
* Fixed issue with Data Egress Page related to Event Types
1.2.4 - 12/24/2014
* Fixed issue with Network Direction Lookup
1.2.3 - 12/24/2014
* Fixed issue with extensions search on events page for new chart includes
* Fixed base search to allow extension includes
* Backslash escaping to allow for better drilldowns.
1.2.2 - 12/23/2014
* Fixed issue with base search for new charts on events page.
1.2.1 - 12/22/2014
* Fixed issue with Wildcard search changing search button name on click
* Fixed rendering issue with new charts on events page.
* Added Computer Type Lookup to application
App updated to use codes and lookups for String values across most of the app.