Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Warning

This app is archived. Learn more

Box Shield Add-on for Splunk app icon

Box Shield Add-on for Splunk

This app is no longer supported, and will not be updated moving forward. We would suggest utilizing the Splunk built and supported integration for ingesting Box events that can be found here - https://splunkbase.splunk.com/app/2679/

Built by Box, Inc.
splunk product badge
screenshot

Latest Version 1.1.1
October 26, 2020
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
Box Shield Add-on for Splunk support icon
Not Supported
This app is no longer supported, and will not be updated moving forward. We would suggest utilizing the Splunk built and supported integration for ingesting Box events that can be found here - https://splunkbase.splunk.com/app/2679/ ---- Box Shield is Box's native security offering that helps prevent data leakage and detect potential threats. Box Shield generates alerts that may indicate data leakage resulting from negligent user actions or malicious threats. The Box Shield Add-on for Splunk allows you to ingest Shield's alerts on suspicious behavior, and changes to security classifications. These events are mapped to the Splunk CIM data models to enable unified reporting and deeper integration into your dashboards. Key benefits: - Time saved - starting with the pre-built integration means less custom work for IT and security teams, and shorter time to monitoring all your Shield alerts in Splunk. - Deeper visibility and insights - by adding Box Shield to Splunk, your security team gains a new level of depth into activity and content access patterns in Box. - Ease of analysis - from Splunk, analysts can more efficiently evaluate Shield alerts alongside data from other applications, and also launch directly into the Shield alert page for more detail. Key features included: - Box account configuration using OAuth2 token pair mechanism - Data collection for Shield alerts and classification events - CIM mapping for Shield alerts and classification events - Workflow action to redirect user to Box Admin Console to view the Shield alert details

Categories

Created By

Box, Inc.

Type

addon

Downloads

749

Resources

Log in to report this app listing