Latest Version 2.5.5
November 9, 2020
This app is archived. App archiving documentation
Threat Intelligence EclecticIQ Platform App
EclecticIQ Platform acquires cyber threat data in different formats from multiple sources; de-duplicates, normalizes, and enriches source data with additional contextual details; and feeds relevant information to Splunk Enterprise.
Built by
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
Rating
4
(3)
Log in to rate this app
Support
Not Supported
EclecticIQ Platform acquires cyber threat data in different formats from multiple sources; de-duplicates, normalizes, and enriches source data with additional contextual details; and feeds relevant information to Splunk Enterprise.
Splunk Enterprise, using a rule-based approach, analyzes and filters cyber threat data to identify the most relevant threats to your organization. Important sightings and alerts are then fed back into EclecticIQ Platform for automatic dissemination and analyst review.
The result of this process is a rich threat intelligence dataset that allows you to efficiently tune your SIEM prevention and detection system.
The Splunk App for EclecticIQ Platform ships with a default set of dashboard gauges to make it easier for Splunk users to monitor feed data collection.
Categories
Security, Fraud & Compliance
Created By
EclecticIQ BV
Type
app
Downloads
1,293
Licensing
Apache 2(Opens new window)Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing