Warning

This app is archived.

cmdReporter macOS security audit and log parsing Add-on

cmdReporter is a security monitoring tool for macOS. cmdReporter collects and continually streams the data IT security teams need, to the logging and SIEM tools they already use.


Latest Version 1.3.0
July 27, 2020
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 4.x
Support
Not Supported
cmdReporter is a security monitoring tool for macOS. cmdReporter collects and continually streams the data IT security teams need, to the logging and SIEM tools they already use. The purpose of this add-on is to add additional value and sorting to cmdReporter's macOS security, audit, and operational logs. This is done by making the logs CIM compliant, adding tagging for Enterprise Security data models, and other knowledge objects to make searching and visualizing this data easy.

Additional Information about cmdReporter: https://www.cmdsec.com/cmdreporter

cmdReporter (agent) supports macOS Versions: 10.8 - 10.15+

*Note:* All screenshots are cmdReporter data in Splunk's InfoSec application to demonstrate CIM compliance. InfoSec application available here: https://splunkbase.splunk.com/app/4240/

Collected and parsed data types include:
- OpenBSM audit logs
- Apple Unified Logs
- macOS configuration changes
- Hardware add/remove events
- Network connections
- Gatekeeper and XProtect logs
- File event monitoring

Created By

Daniel Griggs

Type

addon

Downloads

1,602
