Fidelis Cybersecurity Add-on for Splunk

Fidelis Cybersecurity Add-on for Splunk will listen for Syslog messages from Fidelis Cybersecurity on specific port and index it into Splunk. - UPDATE 2019.01 - The Fidelis CyberSecurity App for Splunk and Fidelis CyberSecurity Technology Add-On were originally developed and published to Splunkbase to support an example dashboard for Fidelis Network Alert Data. This App and its associated Technology Add-On will also provide a template for customers to use in environment where the Splunk Enterprise Security application is not in use. The Default configuration of the Fidelis Cybersecurity App leverages example Policies and Rules that were specifically selected to provide data for the example dashboards related to specific Advanced Threats and may not reflect current Policies or Rules included within the Fidelis Insight Feeds today. As Customer Specific Rules developed for DLP, Site specific use cases, and Individual Subscriptions to Threat Intelligence Feeds will differ greatly from Fidelis Insight Rule names; the example dashboards are not designed or intended to provide any functionality related to Client specific rules without modification and personalization to the App and TA components. Please Note : This application is not intended to be used in environments currently leveraging Splunk Enterprise Security at this time. An example Technology Add-On is currently in development that will provide a template for this specific use case in the future.