BotRx Protx for Splunk helps BotRx ProTx customers integrate their ProTx appliances into Splunk. It provides two source types for customers to choose from based on their deployment needs, as well as a dashboard that shows threat events detected by ProTx.
7.0.0 and above
This app contains predefined source types that Splunk Enterprise uses to ingest incoming events and categorize these events for search.
The source types are based on the data sources that the app ingests.
Many of the source types support data models in the Common Information Model.
Source type | Collection method |
--- | --- |
botrx:protx:syslog | UDP/TCP/file over syslog protocol |
botrx:protx:json | HTTP/HTTPS/file without syslog header |
This app should be installed on the indexers and search heads.
Questions and feature requests (BotRx ProTx app specific): email@example.com
Initial release of BotRx Protx for Splunk.
Fix: Remove local.meta
First Release of BotRx Protx for Splunk