Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
CylancePROTECT Add-on for Splunk Enterprise app icon

CylancePROTECT Add-on for Splunk Enterprise

This is the CylancePROTECT Technology Add-on (TA) designed to support the CylancePROTECT app found here: https://splunkbase.splunk.com/app/3233/ When you should not use this TA: This Technology Add-on (TA) is not necessary for simple Splunk installations (e.g. All-in-one Splunk install -- no forwarders or separate indexers) Instead just install the app located here: https://splunkbase.splunk.com/app/3233/ Also do not use this TA on a forwarder if you are planning on consuming the once-per-day Threat Data Report (TDR) data via the API pull which requires scripted input. Instead use a full Cylance Splunk app install for that forwarder. When you should use this TA: This TA supports the CylancePROTECT App for Splunk. It does not contain any dashboards and should be installed on Splunk indexers and forwaders that are not consuming the once-per-day TDR data via the API. The app itself should always be installed on the search head.

Built by Adam Schieman
splunk product badge
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
CIM Version: 4.x, 3.x
Rating

0

(0)

Log in to rate this app
Ranking

#14

in IoT & Industrial Data
This is the CylancePROTECT Technology Add-on (TA) designed to support the CylancePROTECT app found here: https://splunkbase.splunk.com/app/3233/ When you should not use this TA: This Technology Add-on (TA) is not necessary for simple Splunk installations (e.g. All-in-one Splunk install -- no forwarders or separate indexers) Instead just install the app located here: https://splunkbase.splunk.com/app/3233/ Also do not use this TA on a forwarder if you are planning on consuming the once-per-day Threat Data Report (TDR) data via the API pull which requires scripted input. Instead use a full Cylance Splunk app install for that forwarder. When you should use this TA: This TA supports the CylancePROTECT App for Splunk. It does not contain any dashboards and should be installed on Splunk indexers and forwaders that are not consuming the once-per-day TDR data via the API. The app itself should always be installed on the search head.

Categories

Created By

Adam Schieman

Type

addon

Downloads

5,896

Licensing

Splunk Answers

Resources

Login to report this app listing