Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
Warning

This app is archived. App archiving documentation

Snort 3 JSON Alerts app icon

Snort 3 JSON Alerts

This repository is a Technology Add-On for Splunk that allows you to ingest IDS alerts into Splunk from Snort 3 in json format. This plugin normalizes these alerts conform to the "Intrusion Detection" model in the Splunk Common Information Model (CIM), and can be accessed within any app or dashboard that reports Intrusion Detection events.

Built by
splunk product badge
Latest Version 1.0.5
October 23, 2023
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 5.x, 4.x, 3.x
Rating

0

(0)

Log in to rate this app
Support
Snort 3 JSON Alerts support icon
Not Supported
This repository is a Technology Add-On for Splunk that allows you to ingest IDS alerts into Splunk from Snort 3 in json format. This plugin normalizes these alerts conform to the "Intrusion Detection" model in the Splunk Common Information Model (CIM), and can be accessed within any app or dashboard that reports Intrusion Detection events.

Categories

Security, Fraud & Compliance

Created By

Noah Dietrich

Type

addon

Downloads

4,946

Licensing

GNU General Public License v3.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing