Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Signal Sciences NG WAF/RASP - TA
SHA256 checksum (signal-sciences-ng-wafrasp-ta_1018.tgz) f95bd3b7fec48f590893d35981238c82a7b4a88c9ab98c6d86770a1173d6cdbc SHA256 checksum (signal-sciences-ng-wafrasp-ta_1017.tgz) baaa204f0c3d3c2db84e8885d6f0793c68352a8ae81ea4631834a3ea78ef94fe SHA256 checksum (signal-sciences-ng-wafrasp-ta_1016.tgz) b0ff5275d1325206464ec952ea014895977eaf67215e13de8fe2d2869a9297ed SHA256 checksum (signal-sciences-ng-wafrasp-ta_1015.tgz) eafb5b38761c8a60916c0d10df92d7882f7b006be3f8f56ac52ad751df30ac58 SHA256 checksum (signal-sciences-ng-wafrasp-ta_1014.tgz) b1f416028beb0fd9c4f8da6bbaa4504e8f740c6e0b41d0368abe33029d0091b3 SHA256 checksum (signal-sciences-ng-wafrasp-ta_1013.tgz) 850d7f114dfcb2f95fb860f2fb8e8600308ccb07492f09c969b8a20018ff2cc1 SHA256 checksum (signal-sciences-ng-wafrasp-ta_1011.tgz) 536ebc542c146485cbd230e9fed658243d4efbd546053f16991734a4a6a3ad87 SHA256 checksum (signal-sciences-ng-wafrasp-ta_1010.tgz) f478e1ebdd3dbcd5684f296541f1916c4c9b8e4fcd23fb3cfe290e6a625e62a8 SHA256 checksum (signal-sciences-ng-wafrasp-ta_109.tgz) 98e92d4258479fe08c08dd6ea983b4358c6a5ad709766ed63ccd9f1bc6173fe3 SHA256 checksum (signal-sciences-ng-wafrasp-ta_108.tgz) 22c2ee98902590f5f233aeba73fafea3ca512ae5e2ea173724b2e19f0b733345 SHA256 checksum (signal-sciences-ng-wafrasp-ta_107.tgz) 6bcf1342d2aad4b1f3e5ca38b6a061113b44aa9bac25672c8f2c4ccf36f63eda
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Signal Sciences NG WAF/RASP - TA

Splunk AppInspect Passed
Overview
Details
For users of Signal Sciences who would like to enrich their Splunk data with information from Signal Sciences. This app with simple configuration enabled the importing of Events, Activity, and raw request information to Splunk.

This is an open source project, no support provided, public repository available and installation documentation can be found a https://github.com/dacoburn/sigsci-splunk-app . The best way to report issues with the App is to create an Issue on the github page so that it can be tracked.

Installation and configuration information can be found at the github page

Release Notes

Version 1.0.18
Dec. 9, 2018

- Added support for Proxy configuration
- Updated splunklib to the latest version
- Used new method for App configuration instead of the old setup view
- Added Help messages for the configuration options

Version 1.0.17
Oct. 5, 2018

1.0.17
- Fixed requirement for app.conf for Splunk Cloud Support, wasn't correctly fixed in 1.0.16.

1.0.15

- Updated props.conf for time issue https://github.com/dacoburn/sigsci-splunk-app/issues/2

1.0.14

- Fixed issue with timestamp not being found by adding TIME_PREFIX = timestamp . Previously the JSON could be to large for the default look ahead to find the timestamp element. This way the look ahead starts from the timestamp object.
- Linted and fixed formatting of python scripts
- Removed default Data Inputs for Requests and Events as this was keeping you from being able to delete them and caused isues.
IMPORTANT NOTE: If you had modified the default example Data Input you will need to go back and re-add the "5" for the Delta. Otherwise this will default to 0 and no data will be pulled.

New Features:

- Added support for the new API Tokens. You can either use the Username/API Token or the Username/Password combo. If both are filled in the API Token will take precedence.

Version 1.0.16
Oct. 5, 2018

1.0.16
- Fixed requirement for app.conf for Splunk Cloud Support.

1.0.15

- Updated props.conf for time issue https://github.com/dacoburn/sigsci-splunk-app/issues/2

1.0.14

- Fixed issue with timestamp not being found by adding TIME_PREFIX = timestamp . Previously the JSON could be to large for the default look ahead to find the timestamp element. This way the look ahead starts from the timestamp object.
- Linted and fixed formatting of python scripts
- Removed default Data Inputs for Requests and Events as this was keeping you from being able to delete them and caused isues.
IMPORTANT NOTE: If you had modified the default example Data Input you will need to go back and re-add the "5" for the Delta. Otherwise this will default to 0 and no data will be pulled.

New Features:

- Added support for the new API Tokens. You can either use the Username/API Token or the Username/Password combo. If both are filled in the API Token will take precedence.

Version 1.0.15
Oct. 2, 2018

1.0.15

- Updated props.conf for time issue https://github.com/dacoburn/sigsci-splunk-app/issues/2

1.0.14

- Fixed issue where the build script was not correctly updating some of the python files for the version
- Fixed issue with timestamp not being found by adding TIME_PREFIX = timestamp . Previously the JSON could be to large for the default look ahead to find the timestamp element. This way the look ahead starts from the timestamp object.
- Linted and fixed formatting of python scripts
- Removed default Data Inputs for Requests and Events as this was keeping you from being able to delete them and caused isues.
IMPORTANT NOTE: If you had modified the default example Data Input you will need to go back and re-add the "5" for the Delta. Otherwise this will default to 0 and no data will be pulled.

New Features:

- Added support for the new API Tokens. You can either use the Username/API Token or the Username/Password combo. If both are filled in the API Token will take precedence.

Version 1.0.14
Oct. 2, 2018

Bugs Fixed:

- Fixed issue where the build script was not correctly updating some of the python files for the version
- Fixed issue with timestamp not being found by adding TIME_PREFIX = timestamp . Previously the JSON could be to large for the default look ahead to find the timestamp element. This way the look ahead starts from the timestamp object.
- Linted and fixed formatting of python scripts
- Removed default Data Inputs for Requests and Events as this was keeping you from being able to delete them and caused isues.
IMPORTANT NOTE: If you had modified the default example Data Input you will need to go back and re-add the "5" for the Delta. Otherwise this will default to 0 and no data will be pulled.

New Features:

- Added support for the new API Tokens. You can either use the Username/API Token or the Username/Password combo. If both are filled in the API Token will take precedence.

Version 1.0.13
Sept. 13, 2018

This release includes improvements for:

- Changed default behavior of modular scripts from single_instance = True to single_instance = false. This means that there will be a unique execution of the script for each data input configured. This is important so that if one of the Data inputs causes an error it won't effect the other ones. Also for sites with high RPS it can potentially take to long to have the data be pulled sequentially instead of concurrently.

1.0.12 Improvements:

- Retry behavior if rate limiting for pulling details is hit
- More efficient methods for writing events. Previously as the events were detected they were being written out. Now to improve the Script performance the event write call is done after all items are pulled from SigSci
- Better error handling if the URL is not correctly built do to wrong entries being configured in the app settings
- User-Agent string update to be recognizable as the SigSci Splunk app

Version 1.0.11
Dec. 11, 2017

- Fixed issue with regression for empty response headers
- Fixed issues where upgrade backups were left in the Splunk App Folder

Version 1.0.10
Nov. 13, 2017

- Accidentally reverted the fix for requests with no Response headers from 1.08 when releasing 1.09. This fix has been added back in.

Version 1.0.9
Nov. 8, 2017

- Refactored Module Input script to support when multiple sites are setup for Requests or Events. Before it would cause things to error out.

Version 1.0.8
Oct. 5, 2017

- Removed logging out of Token when debug logging is enabled.

Version 1.0.7
Aug. 3, 2017

- Fixed issue with time calculations not being correct and leading to potential errors from the API or getting unexpected time periods pulled back for the Requests API.
- Fixed issue where output format from SigSci is not optimal for header data. Header Data will now be properly sortable. The result from the API currently returns a JSON object of a list of lists for the headers so the header entries were showing in a format of [Header, Value] instead of {"header": "value"}

39
Installs
371
Downloads
Share Subscribe LOGIN TO DOWNLOAD

Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2018 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.