Detects if you're running wireless on your Linux server. Puts results in index=main and CIM's the data for Splunk ES/PCI reasons. By default assumes you are NOT trying to run wireless. Adjust the tags.conf if you need to adjust that.
Recommend you update the index and interval for your needs. Remember PCI requires that you store these results for 1 year.
11.1.b Verify that the methodology is adequate to detect and identify any unauthorized wireless access points, including at least the following:
WLAN cards inserted into system components
Portable or mobile devices attached to system components to create a wireless access point (for example, by USB, etc.)
Wireless devices attached to a network port or network device.
Install instructions -
Install on end point, restart.
Install on Search head, restart.
Fixed CIM aliases. Improved readme and updated PCI fields to support 3.2.1 audit.
Added Support for Windows servers. Just does a quick service check.
Pulls wireless status from Linux hosts for PCI DSS 11.x requirements. Cleans it up to meet Splunk CIM standards.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.