Corvil Security Analytics enables Security Ops teams to achieve more effective detection, investigation and response for network-based security threats, by leveraging Corvil's powerful network traffic analysis, anomaly detection and forensics capabilities.
This Corvil Add-on for Splunk Enterprise Security includes the following features:
1) Automatic CIM mapping for Corvil Security Analytics stream events, so they are searchable and can be correlated based on normalized Splunk CIM tags and fields, within Splunk Enterprise Security.
2) Adaptive Response action "Track as Suspicious Host", which enables a user within Splunk Enterprise Security to initiate and access full packet capture for the host involved in the notable event from which the adaptive response action was invoked.
Important note - The "Corvil Connector for Splunk" must be installed, configured and operational before using this add-on.
Categories
Security, Fraud & Compliance
Created By
Corvil Connectors