icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Mimecast for Splunk v3
SHA256 checksum (mimecast-for-splunk-v3_313.tgz) 77f92ed4906e2b42c15a5cf7afc9af8cc4b4978df274d9d31fa5efd6ec34832a
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Mimecast for Splunk v3

Splunk AppInspect Passed
This app provides an easy way to add Mimecast gateway and audit events into your Splunk Enterprise environment, as well as a number of predefined dashboards to give you valuable, actionable insights into your organization's email security.

Email is the primary attack vector and holds a huge amount of data, that if harnessed in the right way, can help improve security defenses and response significantly. Using our open API, Mimecast has developed an integration to bring email security data into the Splunk Enterprise platform.

Integrating Mimecast data into Splunk means it can be correlated against other data sources for better visibility and alerting to active and potential threats that may otherwise go unnoticed. Integrating email security data into Splunk’s Common Information Model (CIM) makes it faster and easier to correlate, monitor, query and extract actionable intelligence from.

The app supports multiple input sources including email, directory, journal, and audit data for more comprehensive insights. Deeper Targeted Threat Protection URL data is also included for greater visibility into link activity including user clicks and outcomes. Pre-built dashboards help visualize the data for easier interpretation and action.

Key benefits:

  • Improve visibility and detection of potential and active attacks by adding email security data into Splunk.
  • Find high-priority incidents among a sea of data points through anomaly detection and machine learning.
  • Rapid time to value with fast install and setup, pre-build dashboards and support for Splunk’s Common Information Model (CIM).
  • Consolidate threat intelligence and response into a single system.
  • Improve regulatory compliance.
  • Support for the latest versions of Splunk Enterprise.

See the Mimecast KB article on how to setup Mimecast for Splunk: https://community.mimecast.com/docs/DOC-2142/

Release Notes

Version 3.1.3
June 4, 2019

- Issue with Dashboards not displaying data have been fixed.
- Target Threat Protect - Attachment Protect input type have been updated to collect only malicious data.
- Target Threat Protect - Attachment Protect input type collecting duplicate data has been fixed.
- Target Threat Protect - Impersonation Protect input type have been updated to collect only malicious data.
- Target Threat Protect - Impersonation Protect input type collecting duplicate data has been fixed.
- Presentation issues for attachment filenames have been addressed.
- Escape (\) and quote characters ("") are now removed before ingesting logs into Splunk.


Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2019 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.