A Splunk® Add-On providing the custom search commands cipher, crypt, encode, and hash for ciphering/deciphering, encrypting/decrypting, encoding/decoding and hashing fields and events at search time.
* Cipher/decipher fields or complete events during search time using RC4, ROT13, ROT47, XOR
* Encrypt/decrypt fields or complete events during search time using RSA, AES-128/192/256-CBC or AES-128/192/256-OFB
* Encode/decode fields or complete events during search time using Base32, Base58, Base62, Base64, Binary, Decimal, Hex, Octal
* Hash fields or complete events during search time using MD5, SHA1, SHA2 (224, 256, 384, 512), SHA3 (224, 256, 384, 512), Blake2
* Manage access to encryption and decryption functionality on a per-user or per-role basis via two shipped roles
* Manage usable encryption/decryption keys on a per-user or per-role basis via the app's configuration screen
Cross-compatible with Python 2 and 3. Tested on Splunk Enterprise 10.0 on Windows and Linux (64-bit).
Licensed under http://creativecommons.org/licenses/by-nc-sa/4.0/.
Shoutout to some contributors: Windu Sayles, (back in the days also: Simon Balz, Mika Borner, Christoph Dittmann)
Feel free to submit discovered issues or enhancement requests via https://github.com/hRun/TA-cryptosuite/issues.
Resources
Log in to report this app listing