icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Security Monitoring for Splunk
SHA256 checksum (security-monitoring-for-splunk_134.tgz) 8889990d76d7342a38cc4ceb7bdfbda5c278051480873c2a1420d0ed365dbaee SHA256 checksum (security-monitoring-for-splunk_133.tgz) 4093feea2dd982e4761e235046401380a16c562eb57d90f7ff8b8009c723d087 SHA256 checksum (security-monitoring-for-splunk_132.tgz) 9e844cc5370525992e0ab6b34f4bbb12c24ec9f0bdd056a41b739b54d1d6f52c SHA256 checksum (security-monitoring-for-splunk_131.tgz) 8098b78c807f7f12fb9990afb9464e0063d2359805527affb7acb567834b6928 SHA256 checksum (security-monitoring-for-splunk_130.tgz) e01a39a2215f16de6fe6589fb58c4c22ee7259add88f47c8d6314179f59b4139 SHA256 checksum (security-monitoring-for-splunk_105.tgz) c04f4a154bddaaade0aa92f115e3d91274ef15150f4757a74645afd4c0ef5545 SHA256 checksum (security-monitoring-for-splunk_104.tgz) 30fb3ac4f80e3f5e1c8aed80a2b400a9a5628b4e5f958b5095574f4e3d3cdeb5 SHA256 checksum (security-monitoring-for-splunk_103.tgz) 7dd02d2cdd05ed857a3aa51efc70576219fcefd0d8e33efe5122867646e1f609 SHA256 checksum (security-monitoring-for-splunk_102.tgz) 44b7609b8133b192d259a3c226a6078829b594b98cfcc579112d4dbfaba0d82c SHA256 checksum (security-monitoring-for-splunk_101.tgz) 52476d2f56f7500691e65f66e5dfc5683941456a94df20c02ae5dec1f4e1d254 SHA256 checksum (security-monitoring-for-splunk_100.tgz) 98a83377413496e030da3d1344186d2fe988f436ea3b6b99abe845282e5a56df SHA256 checksum (security-monitoring-for-splunk_10.tgz) 812c5dacc1eb14ec000878af2d80e4756314132964ddfba360bf973cefdcda86
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Security Monitoring for Splunk

Admins: Please read about Splunk Enterprise 8.0 and the Python 2.7 end-of-life changes and impact on apps and upgradeshere.
Overview
Details
With the Security monitoring for Splunk app you will gain a view of your ingested operational security data. It provides you with a suggested list of security data to ingest. Tells you why you should monitor it, and a suggested priority. The app includes tutorials, pointers for things to look out for in your data, built in help on dashboards, and guidance on configuring data feeds into Splunk. It has been designed to give you as much information and detail as possible without the need to use the Splunk search bar.

Whether you are just beginning your Splunk journey or more experienced, this app offers you a starting point.

See Documentation at; https://smfs-docs.readthedocs.io/en/latest

TLDR; Install the pre req apps, most important being the Alert Manager app, and its TA, and configure it before working on this app. My recommendation is you configure alert manager to write to the 'alerts' index (which you need to create on your install) and write incidents to KVStore & the index (its clear how to do tht when you setup Alert Manager).

Once done, work through setup for this app, configuring your data sources and installing the right Technology add-ons (by searching splunkbase) to help you with field extractions.

Please provide issues, bugs, feedback via splunkbase.

Release Notes

Version 1.3.4
April 17, 2020

New Functionality; Import Content directly into the content manager (Playbooks), from Security Essentials app.
Page Telemetry
Fixed Tooltips previously broken in Splunk 8.0, due to blocking some bootstrap data- tags
Rework of the Playbook editor surface for a more consistent resize experience
HTML semantic improvements

Version 1.3.3
April 8, 2020

Fixed Errors failing Cloud Vetting.

Version 1.3.2
Dec. 9, 2019

- All detailed tables now support dynamic in table drill down to the raw event.
- Performance enhancements for the searches that populate the app setup page, field extractions.
- Selected Tab background color fixed
- Multiple Bugs Squashed

Version 1.3.1
Nov. 3, 2019

Fixed an issue with tabs in Splunk v8.0

Version 1.3.0
Oct. 31, 2019

V1.3 - With lots more content!

See latest at: https://smfs-docs.readthedocs.io/en/latest/

Version 1.0.5
Dec. 15, 2018

Fixed a lookup naming clash with windows_ta.

Version 1.0.4
Dec. 15, 2018

Fixed a clash on lookup names with the Windows_TA

Version 1.0.3
Nov. 12, 2018

Enhancement: Improved navigation bar in response to good feedback.
Enhancement: Service name lookup included to translate to network port numbers.
Enhancement: Network Intrusion Dashboard included in the Communications section.
Bug: Numerous fixed particularly with dashboard filter controls.
Bug: Detailed Traffic Streams graph corrected.

Version 1.0.2
Sept. 12, 2018

1.0.2 - Minor Bug Fix on VPN panel

Version 1.0.1
Aug. 23, 2018

Version 1.0.0
Aug. 21, 2018

Version 1.0
Aug. 17, 2018

Version 1.0
- Initial Release

347
Installs
2,566
Downloads
Share Subscribe LOGIN TO DOWNLOAD

Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2020 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.