Latest Version 2.1.6
August 7, 2016
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
This app is archived. App archiving documentation
Splunk Add-on for Cisco IPS
Important: On March 18, 2019, this add-on has been deprecated and reached its End of Life on June 19, 2019. For more information about the end of availability and support for this add-on, see https://www.splunk.com/blog/2019/03/18/end-of-availability-splunk-built-apps-and-add-ons.html?April.
Built by
Compatibility
Not Available
CIM Version: 4.x, 3.x
Rating
0
(0)
Log in to rate this app
Support
Not Supported
Important:
On March 18, 2019, this add-on has been deprecated and reached its End of Life on June 19, 2019. For more information about the end of availability and support for this add-on, see https://www.splunk.com/blog/2019/03/18/end-of-availability-splunk-built-apps-and-add-ons.html?April.
The Splunk Add-on for Cisco IPS allows a Splunk software administrator to consume, analyze, and report on Cisco IPS data that conforms to the Security Device Event Exchange (SDEE) standard. The add-on includes a scripted input to bring your IPS data into Splunk Enterprise as well as knowledge objects (source type definition, field extractions, event types, and tags) to help you view and interpret that data with the Splunk CIM. This add-on is designed to work with the Splunk Cisco Security Suite. Install these together to access reports and dashboards that give you visual insight into your Cisco IPS data.
Categories
Created By
Splunk Works
Type
addon
Downloads
6,417
Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing