CrowdStrike Falcon Event Streams Technical Add-On

This technical add-on enables customers to create a persistent connect to CrowdStrike's Event Streams API so that the available detection, event, incident and audit data can be continually streamed to their Splunk environment. This connection enables organizations to combine the power of the Splunk platform with the visibility and rich event data of the CrowdStrike platform. This add-on also is used to support the CrowdStrike Falcon App (https://splunkbase.splunk.com/app/5094/).

Built by CrowdStrike

Latest Version 3.5.0

November 22, 2024

Release notes

Compatibility

Not Available

Platform Version: 9.4, 9.3, 9.2, 9.1

CIM Version: 6.x, 5.x

Rating

3

(11)

Log in to rate this app

Support

Developer Supported addon

Learn more

Ranking

#41

in Security, Fraud & Compliance

This technical add-on enables customers to create a persistent connect to CrowdStrike's Event Streams API so that the available detection, event, incident and audit data can be continually streamed to their Splunk environment. This connection enables organizations to combine the power of the Splunk platform with the visibility and rich event data of the CrowdStrike platform. This add-on also is used to support the CrowdStrike Falcon App (https://splunkbase.splunk.com/app/5094/).