Digital Guardian offers security’s most technologically advanced endpoint agent. Only Digital Guardian ends data theft by protecting sensitive data from skilled insiders and persistent outside attackers.
The Digital Guardian ARC App for Splunk Enterprise lets customers understand risks to sensitive data across the enterprise from insider and outsider threats.
The App works with the Digital Guardian ARC which brings Digital Guardian events, alerts, and alarms into Splunk Enterprise.
Released on 1/8/2020
* Initial Version
For any support issues with this product, please contact email@example.com
Before installing this TA, you must have the following information from your ARC instance:
This app should be installed on both the Heavy Forwarder or Input Data Manager as well as all of the indexers and search heads.
After installing the app on your Splunk instance:
1. Go to Settings -> Data Inputs
2. Click on "+Add New" next to "DigitalGuardian ARC Events"
3. On the next screen, name your input and fill in the fields with the values you pulled out of your ARC instance.
4. Click More Settings and verify your interval and index settings are appropriate for your deployment.
5. Click Next and your Data Input will be configured.
6. Search for sourcetype=dg:arc in the index you sent your data to in order to verify that everything is working.
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.