Latest Version 1.3
March 16, 2017
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
This app is archived. Learn more
RST Cloud Threat Database Add-on for Splunk
RST Cloud Threat Database Add-on allows to aggregate threat intelligence from multiple sources, store it locally in the Redis Database and quickly check a bunch of IP addresses against it. It makes possible to determine malicious IP addresses in the logs and use this information to analyse such activities.
Built by Nikolay Arefiev
Compatibility
Not Available
Rating
0
(0)
Log in to rate this app
Support
Not Supported
RST Cloud Threat Database Add-on allows to aggregate threat intelligence from multiple sources, store it locally in the Redis Database and quickly check a bunch of IP addresses against it. It makes possible to determine malicious IP addresses in the logs and use this information to analyse such activities.
Features:
- Automatically download IP reputation data and save in the Redis Database;
- Predefined macros helps to enrich your log containing IP addresses;
- A near real-time performance with an ability to process thousands of IPs at one time.
Categories
Created By
Nikolay Arefiev
Type
addon
Downloads
740
Licensing
Splunk Answers
Resources
Log in to report this app listing