Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
Warning

This app is archived. App archiving documentation

Suricata app for splunk app icon

Suricata app for splunk

Welcome to the Suricata app for Splunk. This app contains field extraction for Suricata fast.log and separate field extraction for Suricata ssh.json log. Suricata ssh.json it's a separate log for only ssh events (all ssh events in your traffic).

Built by
splunk product badge
screenshot
screenshot
screenshot
Latest Version 1.0
June 22, 2016
Compatibility
Splunk Enterprise
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
Suricata app for splunk support icon
Not Supported
Welcome to the Suricata app for Splunk. This app contains field extraction for Suricata fast.log and separate field extraction for Suricata ssh.json log. Suricata ssh.json it's a separate log for only ssh events (all ssh events in your traffic). Aslo in app you can find two dashboard. - First dashboard for analysis suricata fast.log - Second dashboad for visual analisis ssh.json log with function for flexible analysis by next field: data source, source and destination ip, server or client software, time.

Categories

Security, Fraud & Compliance

Created By

Sergey Malinkin

Type

app

Downloads

1,281

Licensing

GNU GPL 3.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing