The BlackRidge TAC App for Splunk allows you to search and visualize data from BlackRidge syslog messages. The app comes with a predefined set of dashboards which provide ready-made graphs for popular syslog messages from BlackRidge gateway appliances.
The BlackRidge TAC App for Splunk runs on top of a Splunk instance. When you configure your BlackRidge TAC gateways to send syslog messages to Splunk, the BlackRidge TAC App leverages Splunk’s searching and indexing capabilities to present the syslog data through pre-built dashboards to give deep insight into the BlackRidge TAC gateway operations.
Download the BlackRidge TAC App for Splunk from SplunkBase
If you already have a version of BlackRidge TAC App for Splunk installed, you can upgrade it directly through Splunk's in-app upgrade feature within Splunk Web, or from the command line.
This release was validated against Splunk Enterprise 18.104.22.168 and BlackRidge TAC Gateway v22.214.171.12407. Changes include new alerts for attack and unknown identity events.
Updated to work with BlackRidge TAC Gateway 4.1
12/2015 - version 1.08
* Dashboard to show identity attribution network security events.
* Dashboard to show overall gateway status.
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.