Supporting Add on for MITRE

This app provides a method to ingest MITRE ATT&CK® tactics, techniques, and subtechniques into Splunk events. The app contains a mitre_techniques KVStore with the metadata provided from ATT&CK to help enrich alerts and ES Correlations without needing to navigate back to the MITRE ATT&CK website.

Latest Version 1.2.1
April 18, 2024
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 5.x, 4.x
Rating
0 (0)
Support
Developer Supported addon
IMPORTANT: Standalone Search Head (will not work on Search Head Cluster). Direct internet connection required (no proxy).

Categories

Security, Fraud & Compliance, Utilities

Created By

bitsIO inc

Type

addon

Downloads

1,886
