Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Warning

This app is archived. App archiving documentation

THOR APT Scanner v2 app icon

THOR APT Scanner v2

This Splunk App helps to manage the log data transmitted by THOR and facilitates the analysis.

Built by
splunk product badge
screenshot
screenshot
screenshot
screenshot
Latest Version 2.1.0
April 13, 2018
Compatibility
Splunk Enterprise
Platform Version: 7.3, 7.2, 7.1, 7.0
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
THOR APT Scanner v2 support icon
Not Supported
This Splunk App helps to manage the log data transmitted by THOR and facilitates the analysis. Key Features of this App - Dashboard: Number of scans, scanned hosts, license usage, scans with different THOR/SPARK versions - Overview: Alert types over time, alert types by system, scan status by system, connection endpoints (geo location) - Universal View: Main THOR log analysis view with filters and sorting to process all log messages in an optimal way - Input: SYSLOG or TEXT (.txt) logs Requirements: THOR Add-on v2 https://splunkbase.splunk.com/app/3718/ Steps to get data into the Splunk App: - Use sourcetype="thor" for all your inputs (files/udp/tcp) Recommendation: - Create an index named "thor" and make sure that the current user rule searches this index by default

Categories

Security, Fraud & Compliance

Created By

Florian Roth

Type

app

Downloads

1,517

Licensing

MIT License(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing