Digital Shadows App for Splunk
Author – Digital Shadows
Version - 1.0.0
Creates Index - False
* Splunk Enterprise version: 6.6.x, 7.0.x, 7.1.x
* OS: Platform independent
1)Standalone Mode: Install main app on a single machine. This single machine would serve as a Search Head + Indexer + Heavy forwarder for this setup.
2)Distributed Environment: Install main app on search head which will use indexed data and builds dashboards on it.
A good test to see that you are receiving all of the data we expect is to run below searches after several minutes:
* Execute below search in case TA-digital-shadows Add-on has been installed and configured.
get_digitalshadows_index | stats count by sourcetype
In particular, you should see below sourcetypes:
* If a user doesn’t see data, try expanding time range.
* Support Offered: Yes
* Support Email:firstname.lastname@example.org
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.