Latest Version 2.3.0
September 19, 2024
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
OMICRON StationGuard for Splunk
For integrating StationGuard devices into a Splunk environment, OMICRON provides a preconfigured Splunk application, the OMICRON StationGuard for Splunk application (StationGuard app). This application can be used and installed on a Search Head or a single host installation of Splunk. It creates the proper Data Inputs, a SourceType and the Event types to be used for the StationGuard logs. The fields in the syslog events are parsed and utilized in the corresponding views. These fields are then mapped to the corresponding Splunk Common information model (CIM) for Intrusion Detection. To visualize data from StationGuard devices, a Dashboard is included in the StationGuard app.
Built by
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
CIM Version: 5.x, 4.x
Rating
0
(0)
Log in to rate this app
Support
Developer Supported app
Ranking
#43
in Network Security
For integrating StationGuard devices into a Splunk environment, OMICRON provides a preconfigured Splunk application, the OMICRON StationGuard for Splunk application (StationGuard app). This application can be used and installed on a Search Head or a single host installation of Splunk. It creates the proper Data Inputs, a SourceType and the Event types to be used for the StationGuard logs. The fields in the syslog events are parsed and utilized in the corresponding views. These fields are then mapped to the corresponding Splunk Common information model (CIM) for Intrusion Detection. To visualize data from StationGuard devices, a Dashboard is included in the StationGuard app.
Categories
Created By
Christoph Rheinberger
Type
app
Downloads
956
Licensing
Splunk Answers
Resources
Log in to report this app listing