Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Encode / Decode Data for Splunk app icon

Encode / Decode Data for Splunk

The code custom command allows for the encoding and decoding of fields within Splunk results and returning the results into a destination field. This is particularly useful with attackers hiding their data (via base64 encoding for example) and being able to decode these fields on the fly within SPL without needing to export the data is extremely useful.

Built by
splunk product badge
Latest Version 1.0.9
August 23, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
Rating

0

(0)

Log in to rate this app
Support
Encode / Decode Data for Splunk support icon
Not Supported
The code custom command allows for the encoding and decoding of fields within Splunk results and returning the results into a destination field. This is particularly useful with attackers hiding their data (via base64 encoding for example) and being able to decode these fields on the fly within SPL without needing to export the data is extremely useful. The following methods are currently supported: - base64, base32, base85 - ROT - XOR - Hex - URL While this app is not formally supported, the developer can be reached at tighesplunk.com (OR in splunk-usergroups slack, @workape). Responses are made on a best effort basis. Feedback is always welcome and appreciated! (if you use the User Group approach, include: Learn more about splunk-usergroups slack here: https://docs.splunk.com/Documentation/Community/current/community/Chat#Join_us_on_Slack)

Categories

Created By

Splunk Works

Type

addon

Downloads

3,347

Licensing

Splunk Answers

Resources

Log in to report this app listing