Thinkst Canary Audit Input app icon

Thinkst Canary Audit Input

Pulls down Thinkst Canary audit logs using the API.

Built by
splunk product badge
Latest Version 1.0.2
August 10, 2025
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.1, 10.0, 9.4, 9.3, 9.2
Rating

5

(2)

Log in to rate this app
Support
Thinkst Canary Audit Input support icon
Not Supported
Pulls down Thinkst Canary audit logs using the API. Install on Splunk Cloud IDM or a heavy forwarder. Can also be installed on Search heads for the sourcetypes, but its clearer if you just create the sourcetype canarytools:audit manually with KV_MODE = none. Icon from https://www.vecteezy.com/vector-art/1919479-linear-audit-document-icons-design-isolated-on-white-background https://github.com/Bre77/TA_thinkst_canary_audit

Categories

Security, Fraud & Compliance

Created By

Brett Adams

Source Code

github.com/Bre77/TA_thinkst_canary_audit(Opens new window)

Type

addon

Downloads

721

Licensing

End User License Agreement for Third-Party Content(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing