DISCLAIMER: This add-on is no longer supported as there is now a first-party add-on developed by Cisco themselves: https://splunkbase.splunk.com/app/3324/
The purpose of this add-on is to provide CIM-compliant field extractions for Cisco Umbrella (OpenDNS) logs stored in AWS S3 buckets.
This add-on requires the Splunk Add-on for Amazon Web Services as the means of data on-boarding.
* Built for Splunk Enterprise 6.x.x or higher
* CIM Compliance (CIM 4.0.0 or higher)
* Ready for Enterprise Security
* Requires Splunk Add-on for Amazon Web Services (unless using Cisco Managed S3): https://splunkbase.splunk.com/app/1876/
* If using Cisco Managed S3, use their app here: https://splunkbase.splunk.com/app/5557/
* Supports Cisco Umbrella Log Management versions 1-5
* Supports Cisco Managed S3 buckets via awscli and a simple shell script (See Cisco Managed Buckets Instructions)