Last Updated
January 28, 2023
Better version of the ProtectWise TA that doesn't require the protectwise-emitter daemon. Will pull in events from the ProtectWise API events endpoint. Will be expanding this to pull in more from the API as time goes on. This app uses Python's requests library alongside ConfigParser to pull ProtectWise data from the ProtectWise RESTful API, thus eliminating the need to run their proprietary daemon to bring data in from the Visualizer cloud. It uses tags.conf to apply this to the IDS data model and has field aliases that map the fields from the ProtectWise API to CIM fields.