Warning: This app is archived.

Linux Secure Technology Add-On

This app provides field extractions and normalisation to the Common Information Model for /var/log/secure and /var/log/auth.log (linux_secure sourcetype). It is intended to replace the security-relevant aspects of the Splunk Add-on for Unix and Linux (Splunk_TA_nix). Because the two apps may conflict, it is strongly recommended that the Splunk_TA_nix app be removed from your search head before installing this app. This app requires no configuration and only needs to be installed on search heads (it contains no index-time transforms).

Built by Doug Brown

Latest Version 1.0.1
November 29, 2021
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
CIM Version: 4.x, 3.x
Support
Not Supported
Be sure to also check out the certified sudo (https://splunkbase.splunk.com/app/3038/), iptables (https://splunkbase.splunk.com/app/3089/) and auditd (https://splunkbase.splunk.com/app/2642/) apps. For Linux performance monitoring, please see: https://splunkbase.splunk.com/app/3412/

Created By

Doug Brown

Type

addon

Downloads

6,651
