icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

We are working on something new...

A Fresh New Splunkbase
We are designing a New Splunkbase to improve search and discoverability of apps. Check out our new and improved features like Categories and Collections. New Splunkbase is currently in preview mode, as it is under active development. We welcome you to navigate New Splunkbase and give us feedback.
Splunkbase will be undergoing a scheduled migration and will be unavailable on Saturday, Oct 1, 2022, from 11AM to 3PM PDT

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading VulDB Vulnerability and Threat Intelligence
SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_372.tgz) 3a0063b16c08a8d0959668622efa704c6fb0a1bd5aab162fc061066137776374 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_371.tgz) e604bf62a399eb1a5c61e25639208f5effe8f7bf876357e0c824614c3f498d8b SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_370.tgz) 8719cd67e51c693c418fa6810ced8141fdbf1fb4d6cd74c5c888162fe1a3b589 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_360.tgz) c00981ab814644caff9c48d07242fff6ae3ac636168170f81fb6eec63ca08bb5 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_352.tgz) 571155a5348abaa0f0c8d6b00d1f4f74838d8d72bacc31fcd7422f483ae3f6ae SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_351.tgz) 2f255edb9c300d1a24f204ec412f32bb6f7358533486bc00e46dd6dd49373355 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_350.tgz) f1e4e37ae0acf641fdca1616dc1f81ba8f342a826336e136181238cea9060a68 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_341.tgz) b394e90d25de3f5669e2ae6b291caab27cd40ac1bdf2e63d30d3bbb7d9f5a040 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_340.tgz) 802ac249ef2f6613c0260227848ac8ada8f564224e08f24192b7447ec4f3c604 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_330.tgz) c2e2f67b76db42ef768dfbc77fb57c9adec296e647d38bb6c60558295c65d14b SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_320.tgz) 48420e5622ac62bbf2b8b010b23a18071f60584790e2748a896b63c685c65eb6 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_310.tgz) 7fbf56b1fe6b68856388baa440d5958d37d2f8089310208d66f8656b7bc3e41c SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_300.tgz) db9c88dd8a413fc7675b75ae5ca18d5c06143b43433a97cece1fd8272c3b5547 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_201.tgz) d4e617a60b3b93eb26cea599e5b56917a821a25a0d6966047a728f789d4f346c SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_200.tgz) 3f3c36cb73631aa4406dd862045bf4cc5905bdcf894791cc42f68547d6bc8377 SHA256 checksum (vuldb-vulnerability-and-threat-intelligence_101.tgz) f41870200b93f149d9e33d92c282af1d8f8ab53ce0b6396f60dbe4c0784a87db
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate


VulDB Vulnerability and Threat Intelligence

VulDB is the number one vulnerability database documenting and explaining security vulnerabilities and exploits since 1970. The VulDB app for Splunk integrates vulnerability data from VulnDB into Splunk to enhance vulnerability management (VM) and cyber threat intelligence (CTI). Defending against exploits, maintaining patch and release management becomes much easier with out Threat Intelligence Platform (TIP).

You need to link the Splunk app to your VulDB account to use the API credits to fetch the infosec data. The amount of available API credits is defined by the license of your account (free, commercial or enterprise). You are able to purchase more API credits at https://vuldb.com/?pay

We provide interoperability with information security data and cybersecurity products by MITRE (CVE, CWE, CPE, ATT&CK), Tenable Nessus, Qualys Scanner, Rapid7 MetaSploit MSF, Cisco, Microsoft, Palo Alto, Fortinet, Symantec, Trend Micro, FireEye, McAfee, ISS, IBM X-Force, Snyk, and other vendors. More information about our Splunk app is available at https://vuldb.com/?doc.splunk

Splunk App

The Splunk App for VulDB integrates vulnerability intelligence from VulDB into Splunk. The app communicates with VulDB by using its API and requires a valid API key as well as sufficient API credits.



Installation from file:
- Log in to Splunk with an administrative account
- Click on the gear icon (Manage Apps)
- On the next screen, click on the button labeled Install app from file
- Click on the button Browse... and browse to the location of the the VulDB Splunk App file (VulDB-Splunk-App.tar.gz), then select that file and click Open in the file browser dialogue. Now the name of the file appears next to the button Browse....
- Check the checkbox Upgrade app to upgrade any older versions of the app should they exist
- Click the button labeled Upload

Online installation:
- Log in to Splunk with an administrative account
- Click on the gear icon (Manage Apps)
- Click on the button Browse More Apps
- in the search box, enter VulDB and press enter
- Click on the button Install to install the VulDB App

Initial Configuration

Before configuring the VulDB Splunk App for the first time, make sure that you have a valid API key and a sufficient amount of API credits. If in doubt, log in to your VulDB account and check your profile.

The VulDB Splunk App defines a new modular input type that is used for retrieving data from VulDB. Navigate to the menu Settings / Data inputs and click on + Add new.

Note: if the app has been configured previously, this step is typically not required as the necessary configuration should already be present.

Give the new modular input a name, for example VulDB-datasrc and insert your API key into the field "VulDB API key". Optionally, you can specify a proxy server for outgoing connections, i.e. connections to https://vuldb.com from your Splunk server. You can also choose the language for the data fetched from VulDB, the choices are:

  • English
  • German
  • Spanish
  • French
  • Italian
  • Polish
  • Swedish
  • Chinese
  • Japanese

It is possible to define how far from the past the App should start fetching VulDB data (default setting is one month if left empty).

Clicking on Next will save your configuration and download an initial chunk of data from the VulDB (see below).

Additional Information

The VulDB Splunk App downloads data from https://vuldb.com in several chunks and it checks for new data once per hour. Upon initial data download (i.e. no data has been downloaded previously or only a long time ago), the App attempts to download all data from VulDB that is younger than the configured maximum data age.

Note: this will consume roughly 1000 API credits per month of data coverage (or more), depending on your choice of fetching details and on the amount of vulnerabilities in VulDB for that period.


When you access the Splunk App, you are presented with an overview dashboard. This dashboard shows some statistics and visualizations of the VulDB data present in your Splunk instance. All visualizations in the overview have drilldowns defined, i.e. clicking on the numbers or graph elements will open a new window containing relevant data and details.


Some predefined dashboards are included with the app. They can be accessed through the menu Dashboards in the menu bar.

You can always add your own dashboards or alter the existing ones. If you choose to change any of the predefined dashboards be aware that this may lead to non-functioning drilldowns in other dashboards.

Reports and Saved Queries

Currently, only one saved search is included with the VulDB app - it will show the VulDB log entries. Feel free to add your own searches as you see fit.

Custom Searches

The VulDB app creates Splunk entries with a sourcetype of VulDB. Therefore you can use sourcetype=VulDB to restrict splunk searches to VulDB data.


The VulDB App logs events to the splunk logs. A saved search is included in the VulDB app that allows you to retrieve the VulDB App logs, please click on the Reports menu access the saved search.

Changing the Splunk App Configuration

The configuration of the VulDB data source (modular input) can be changed. Click on Settings / Data inputs / VulDB, which will show the previously defined input (or an empty list if you haven't defined the input yet). Clicking on the name of the input allows you to change its parameters.

Updating the App

For instructions on how to update Splunk apps, please refer to the official documentation.

Deleting the App

For instructions on how to disable or delete Splunk apps please refer to the official documentation. Bear in mind that deleting the app will remove the defined modular input but will not remove the VulDB data already present in your Splunk instance.

Fetching Individual Vulnerabilities

It is possible to download one or more vulnerabilities separately from the usual data retrieval mechanisms. Navigate to the menu Settings / Data inputs and click on the field Input Name of the previously defined VulDB data input. Enter the desired VulDB IDs in the field Fetch individual VulDB IDs. Separate multiple IDs with commas if you wish to download more than one vulnerability. Then click the Save button on the bottom of the page. This downloads the specified IDs from VulDB and then clears the Fetch individual VulDB IDs field.

Help and Support

Please check the documentation or contact us if you have any questions.

Release Notes

Version 3.7.2
July 26, 2022

Improved secret storage application

Version 3.7.1
July 13, 2022

Stability improvements

Version 3.7.0
Dec. 20, 2021

New VulDB logo
Added support for Chinese (zh), Japanese (ja) and Arabic (ar)
Stability improvements

Version 3.6.0
Aug. 13, 2021

Added MITRE ATT&CK techniques visualization; stability improvements

Version 3.5.2
Dec. 13, 2020

Improved data retrieval strategy (faster + less credit consumption)

Version 3.5.1
Oct. 16, 2020

Improved handling of arbitrarily named indices

Version 3.5.0
July 9, 2020

Enhanced algorithm for update fetching

Version 3.4.1
April 17, 2020

Stability improvements regarding updates

Version 3.4.0
Jan. 21, 2020

Fetch updates more frequently; show important warnings as Bulletin Messages

Version 3.3.0
Dec. 17, 2019

New feature to allow fetching individual vulnerabilities

Version 3.2.0
Nov. 13, 2019

Stability Improvements

Version 3.1.0
June 6, 2019

Use the storage passwords facility to store the API key

Version 3.0.0
March 21, 2019

New feature to retrieve updates for vulnerabilities

Version 2.0.1
Feb. 11, 2019

Stability improvements

Version 2.0.0
Feb. 11, 2019

New and improved dashboards
User interface improvements
0day exploit prices

Version 1.0.1
Oct. 18, 2018

Possibility to define the time-range to fetch earlier entries at the initial startup

Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.