Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Qintel QSentry Feed Add-on for Splunk app icon

Qintel QSentry Feed Add-on for Splunk

QSentry is a consumable feed of anonymization and threat actor IP addresses sourced from the Deep and DarkWeb and QIntel’s proprietary research. The IPs in the feed are associated with infrastructure actively utilized or abused by cyber criminals, including VPN/Proxy services and IP addresses linked to the malicious infrastructure of criminal and nation-state actors. With this integration, users can fetch a daily list of newly compiled indicators from QSentry’s collections.

Built by
splunk product badge
screenshot
screenshot
screenshot
Latest Version 1.1.0
May 3, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1
CIM Version: 5.x, 4.x, 3.x
Rating

0

(0)

Log in to rate this app
Support
Qintel QSentry Feed Add-on for Splunk support icon
Not Supported
QSentry is a consumable feed of anonymization and threat actor IP addresses sourced from the Deep and DarkWeb and QIntel’s proprietary research. The IPs in the feed are associated with infrastructure actively utilized or abused by cyber criminals, including VPN/Proxy services and IP addresses linked to the malicious infrastructure of criminal and nation-state actors. With this integration, users can fetch a daily list of newly compiled indicators from QSentry’s collections. The Qintel QSentry Technology Add-on allows you to ingest the Qintel QSentry feed into a key value store in Splunk so that your logs data can be enriched automatically or at search time.

Categories

Created By

Qintel Integrations

Type

addon

Downloads

389

Licensing

Splunk Answers

Resources

Log in to report this app listing