Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
Warning

This app is archived. App archiving documentation

Add-on for Linux Sysmon app icon

Add-on for Linux Sysmon

The Splunk Add-on for Linux Sysmon extract fields from syslog data. Add-On map events for CIM data models: Endpoint, Network Resolution (DNS), Network Traffic, Change.

Built by
splunk product badge
Latest Version 1.0.4
February 8, 2022
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
Add-on for Linux Sysmon support icon
Not Supported
The Splunk Add-on for Linux Sysmon extract fields from syslog data. Add-On map events for CIM data models: Endpoint, Network Resolution (DNS), Network Traffic, Change. The Splunk Add-on for Linux Sysmon provides the parsing and CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.

Categories

Security, Fraud & Compliance

Created By

Cedric HIEN

Type

addon

Downloads

15,666

Licensing

Splunk End User License for Third Party Content(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing