This app is archived. Learn more

VirusTotal Malware Lookup for Splunk

This app is used to supplement your data with information from VirusTotal. The custom command ` | virustotal ` (bundled with this app) uses the `https://www.virustotal.com/vtapi/v2/file/report` endpoint to communicate with the VirusTotal API. This TA can be installed on the search head. No additional manual steps are required in distributed environments, as the app only interacts with search-time functionality ( lookups and scheduled searches ). This Add-on has been tested (and installed) on Splunk Cloud. We're using GitLab to both share our source code and track issues (bugs or feature requests), please use it freely: https://gitlab.com/ecs_public_projects/splunk/TA-VirusTotal

Built by Adarma Security

Latest Version 2.4.0

June 6, 2022

Release notes

Compatibility

Not Available

Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1

Rating

0

(0)

Log in to rate this app

Support

Not Supported

Learn more

This app is used to supplement your data with information from VirusTotal. The custom command ` | virustotal ` (bundled with this app) uses the `https://www.virustotal.com/vtapi/v2/file/report` endpoint to communicate with the VirusTotal API. This TA can be installed on the search head. No additional manual steps are required in distributed environments, as the app only interacts with search-time functionality ( lookups and scheduled searches ). This Add-on has been tested (and installed) on Splunk Cloud. We're using GitLab to both share our source code and track issues (bugs or feature requests), please use it freely: https://gitlab.com/ecs_public_projects/splunk/TA-VirusTotal