Latest Version 1.3
March 16, 2017
Welcome to the new Splunkbase! To return to the old Splunkbase, .
This app is archived.
RST Cloud Threat Database Add-on for Splunk
RST Cloud Threat Database Add-on allows to aggregate threat intelligence from multiple sources, store it locally in the Redis Database and quickly check a bunch of IP addresses against it. It makes possible to determine malicious IP addresses in the logs and use this information to analyse such activities.
Built by
Compatibility
Not Available
Rating
0
(0)
Log in to rate this app
Support
Not Supported
RST Cloud Threat Database Add-on allows to aggregate threat intelligence from multiple sources, store it locally in the Redis Database and quickly check a bunch of IP addresses against it. It makes possible to determine malicious IP addresses in the logs and use this information to analyse such activities.
Features:
- Automatically download IP reputation data and save in the Redis Database;
- Predefined macros helps to enrich your log containing IP addresses;
- A near real-time performance with an ability to process thousands of IPs at one time.
Categories
Created By
Nikolay Arefiev
Type
addon
Downloads
745
Licensing
Splunk Answers
Resources
Log in to report this app listing