The Kolide Fleet App for Splunk is designed to ingest, parse, and display results and status information from osquery Kolide Fleet servers.  We provide dashboards for processing osquery_info, programs, process_open_sockets, user queries and more.  This can be used by ITOps and Security alike.

The app requires specific Pack and Query names for the dashboards to properly populate.  For this reason, we have exported our Kolide Packs and Queries and made them available for download.  Please see the Details tab for installation and configuration instructions.

Big thanks from the Crew:
Tony Lee
Matt Kemelhar