Inky HEC Add-on for Splunk
Author: Hurricane Labs
The purpose of this add-on is to provide CIM-compliant field extractions for Inky logs via HEC.
+ Built for Splunk Enterprise 6.x.x or higher
+ CIM Compliant (CIM 4.0.0 or higher)
+ Ready for Enterprise Security
Search Head: Required
Heavy Forwarder: Possibly Required
Indexer: Possibly Required
Universal Forwarder: Not Supported
Light Forwarder: Not Supported
description = Inky Events
disabled = 0
index = <REPLACEME>
indexes = <REPLACEME>
useACK = 0
token = <REPLACEME>
sourcetype = inky:email:hec