Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Splunk Add-on for CrowdStrike FDR app icon

Splunk Add-on for CrowdStrike FDR

The Splunk Add-on for CrowdStrike FDR lets you collect event data stored in CrowdStrike and bring it into your own Splunk instance for retention and further analysis.
The Add-on collects different logs and events from different sources monitored by the CrowdStrike platform and provides CIM-compatible knowledge to use with other Splunk apps.

Built by
splunk product badge
Latest Version 2.0.5
June 12, 2025
Compatibility
Not Available
Platform Version: 10.0, 9.4, 9.3, 9.2, 9.1
CIM Version: 5.x
Rating

0

(0)

Log in to rate this app
Support
Splunk Add-on for CrowdStrike FDR support icon
Splunk Supported addon
Ranking

#12

in Security, Fraud & Compliance
The Splunk Add-on for CrowdStrike FDR lets you collect event data stored in CrowdStrike and bring it into your own Splunk instance for retention and further analysis.
The Add-on collects different logs and events from different sources monitored by the CrowdStrike platform and provides CIM-compatible knowledge to use with other Splunk apps. Crowdstrike FDR events must be fetched from an AWS S3 bucket that is provisioned for you. The integration utilizes AWS SQS to support scaling horizontally if required. Version 2.0.0 of the Splunk Add-on for Crowdstrike FDR contains the following new and changed features: -New monitoring dashboard -New events for CIM normalization -Updated events CIM normalization -FedRAMP certification -IPv6 compatibility

Categories

Created By

Splunk LLC

Type

addon

Downloads

117,836

Licensing

Splunk Answers

Resources

Log in to report this app listing