Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Warning

This app is archived. Learn more

Template for onboarding CEF data for CIM compliance app icon

Template for onboarding CEF data for CIM compliance

This is a template which can be used to quickly onboard CEF-formatted data. Note that this is NOT a finished add-on, but is meant to help you create your own. Also note that some of the regular expressions used are not high performing, so it is not suggested that this be used on a high-volume sourcetype.

Built by Dave Shpritz
splunk product badge
Latest Version 1.4
October 25, 2018
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1
CIM Version: 5.x, 4.x
Rating

0

(0)

Log in to rate this app
Support
Template for onboarding CEF data for CIM compliance support icon
Not Supported
This is a template which can be used to quickly onboard CEF-formatted data. Note that this is NOT a finished add-on, but is meant to help you create your own. Also note that some of the regular expressions used are not high performing, so it is not suggested that this be used on a high-volume sourcetype.

Categories

Created By

Dave Shpritz

Type

addon

Downloads

1,660

Licensing

Splunk Answers

Resources

Log in to report this app listing