Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Add-on for AusCERT app icon

Add-on for AusCERT

This add-on collects threat indicators published by AusCERT and indexes them in Splunk.

Built by
splunk product badge
Latest Version 2.1.0
July 7, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0
Rating

0

(0)

Log in to rate this app
Support
Add-on for AusCERT support icon
Developer Supported addon
This add-on collects threat indicators published by AusCERT and indexes them in Splunk. It can collect indicators from the AusCERT malware and phishing feeds. This runs as a modular input which gather the data from the AusCERT API. A valid AusCERT API key is required. Additionally, a disabled scheduled search will push these indicators into the Splunk for Enterprise Security threat intelligence framework. Enable this saved search if you are running this add-on with Splunk ES. The author of this add-on is not associated with AusCERT and cannot support the use of the API: please contact AusCERT directly for any API issues.

Categories

Created By

Luke Monahan

Type

addon

Downloads

972

Licensing

Apache 2.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing