|Supported Splunk versions||6.5, 6.6, 7.0, 7.1, 7.2, 7.3, 8.0|
Extract tar.gz to $SPLUNK_HOME/etc/apps or install in Splunkweb from the "manage apps" page.
Install app to a forwarder, as well as all search heads. Disable default input in inputs.conf before installation to search head. Follow "Configuration" section on the forwarder.
Once installed, navigate to the "manage apps" page, find the row for TA-detectify and click "Set up" (/en-US/manager/TA-detectify/apps/local/TA-detectify/setup?action=edit). Enter an API key and click save. Input runs hourly, so after configuration data may take up to an hour to be indexed. App outputs events to the "detectify:findings" sourcetype in the default index. If you'd like to specify a different index, specify one in this app's inputs.conf.
For bug reporting and app questions, contact firstname.lastname@example.org.
Version 1.2.1 fixes an import issue with Python3.
Release 1.2.0 updates the app to support Python 3
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.