Query's Federated Search allows security teams to add additional data sources directly in Splunk's search without additional data costs - decoupling data value from data cost. Query Federated Search integrates your distributed enterprise data easily using APIs and integrates your data into the Splunk® console.

With Query Federated Search you can:

* Vastly increase visibility across your enterprise. Query Federated Search lets you find data from all types of data sources - including semi-structured cloud object storage, warehouses, lakehouses, and more - with a single search, to detect and respond to security issues faster.
* Add new data sources in minutes. Query can easily add data sources via API in a matter of minutes versus hours, days or weeks to add directly to Splunk.
* Full use of the Splunk interface and reporting tools. Results are delivered in Splunk's interface and can be included in reporting and graphics the same as any other data point.
* Add data sources without incremental data costs. Reduce cost by storing data where you want without compromising security. No more compromising on data in the SIEM due to expense!

LATEST UPDATES

* Query Announces Strategic Funding From Cisco Investments to Bolster Federated Search Platform for Security Operations. Read at https://www.query.ai/resources/blogs/query-announces-strategic-funding-from-cisco-investments-to-bolster-federated-search-platform-for-security-operations/
* New Version of Query Splunk App. Know more at https://www.query.ai/resources/blogs/announcing-query-splunk-app-2-4/