Druva Add-on For Splunk

The Druva Add-on for Splunk enables Splunk Enterprise administrators to easily ingest data from the Druva Cloud Platform into Splunk for comprehensive monitoring and analysis. This integration empowers you to consume Druva-related data through the Druva App for Splunk or any custom apps created for your Security Operations Center (SOC) or IT operations. Key Features of Druva's Ransomware Recovery Solution Data Integrity: Air-gapped, immutable backups ensure ransomware can’t execute in the Druva environment. You will always have safe backup data for recovery, even in the event of an attack. Operational Security: Enjoy 24x7x365 fully managed security operations, including automatic patching and continuous monitoring to detect threats early. Accelerated Recovery: The integration with Splunk platforms enables faster threat detection and response, coupled with Druva’s Accelerated Recovery solutions to help you return to normal operations more quickly. What This Integration Pack Does This two-way API integration connects the Druva Cloud Platform to your Splunk platform, enabling automated response actions and streamlined recovery. Key capabilities include: Automated Response Actions: Quarantine affected resources or snapshots to halt the spread of ransomware, reducing the risk of reinfection or contamination. Recovery Initiation: Restore endpoints or data to a secure state, rolling back to a point in time before the attack occurred. Remote Resource Wiping: Effortlessly delete quarantined snapshots and wipe compromised resources to minimize the impact of malware. Malicious Hash Search: Quickly identify and remediate malicious content within backup data to enhance threat mitigation efforts. Benefits By integrating Druva Cloud Platform with your existing Splunk platform, this solution delivers real-time monitoring of backup systems, detecting unusual activities such as unauthorized access, data modification, or failed backup attempts. This unified approach empowers your security and IT teams to act quickly, respond to threats in real-time, and ensure business continuity—especially when faced with complex ransomware or data loss incidents. To learn how Druva’s comprehensive integration ecosystem can strengthen cyber resilience, visit the Druva website.

Built by Tech Partners

Latest Version 2.3.1

April 11, 2025

Release notes

Compatibility

Not Available

Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2

CIM Version: 4.x

Rating

0

(0)

Log in to rate this app

Support

Developer Supported addon

Learn more

The Druva Add-on for Splunk enables Splunk Enterprise administrators to easily ingest data from the Druva Cloud Platform into Splunk for comprehensive monitoring and analysis. This integration empowers you to consume Druva-related data through the Druva App for Splunk or any custom apps created for your Security Operations Center (SOC) or IT operations. Key Features of Druva's Ransomware Recovery Solution Data Integrity: Air-gapped, immutable backups ensure ransomware can’t execute in the Druva environment. You will always have safe backup data for recovery, even in the event of an attack. Operational Security: Enjoy 24x7x365 fully managed security operations, including automatic patching and continuous monitoring to detect threats early. Accelerated Recovery: The integration with Splunk platforms enables faster threat detection and response, coupled with Druva’s Accelerated Recovery solutions to help you return to normal operations more quickly. What This Integration Pack Does This two-way API integration connects the Druva Cloud Platform to your Splunk platform, enabling automated response actions and streamlined recovery. Key capabilities include: Automated Response Actions: Quarantine affected resources or snapshots to halt the spread of ransomware, reducing the risk of reinfection or contamination. Recovery Initiation: Restore endpoints or data to a secure state, rolling back to a point in time before the attack occurred. Remote Resource Wiping: Effortlessly delete quarantined snapshots and wipe compromised resources to minimize the impact of malware. Malicious Hash Search: Quickly identify and remediate malicious content within backup data to enhance threat mitigation efforts. Benefits By integrating Druva Cloud Platform with your existing Splunk platform, this solution delivers real-time monitoring of backup systems, detecting unusual activities such as unauthorized access, data modification, or failed backup attempts. This unified approach empowers your security and IT teams to act quickly, respond to threats in real-time, and ensure business continuity—especially when faced with complex ransomware or data loss incidents. To learn how Druva’s comprehensive integration ecosystem can strengthen cyber resilience, visit the Druva website.