Latest Version 1.0.1
December 28, 2020
This app is archived. App archiving documentation
Avalon Add-on for Splunk
King & Union's Avalon Add-On for Splunk enables the interchange of data between Avalon and Splunk to support security investigations leveraging both platforms. The add-on provides custom search commands that allow for both the creation and update of Avalon workspaces from a Splunk search, as well as the retrieval of node and workspace data on demand. All add-on activities, to include details about workspaces and nodes, are visible in the Avalon Summary dashboard. Retrieved data can be filtered and configured for inclusion in a Splunk ES instance as a custom threat feed for further alerting.
Built by King and Union
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1
Rating
5
(2)
Log in to rate this app
Support
Not Supported
King & Union's Avalon Add-On for Splunk enables the interchange of data between Avalon and Splunk to support security investigations leveraging both platforms. The add-on provides custom search commands that allow for both the creation and update of Avalon workspaces from a Splunk search, as well as the retrieval of node and workspace data on demand. All add-on activities, to include details about workspaces and nodes, are visible in the Avalon Summary dashboard. Retrieved data can be filtered and configured for inclusion in a Splunk ES instance as a custom threat feed for further alerting.
Request a demo of Avalon at https://www.kingandunion.com/splunk
Categories
Security, Fraud & Compliance
Created By
King and Union
Type
addon
Downloads
442
Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing