Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Warning

This app is archived. App archiving documentation

Add-on for Linux Sysmon app icon

Add-on for Linux Sysmon

The Splunk Add-on for Linux Sysmon extract fields from syslog data. Add-On map events for CIM data models: Endpoint, Network Resolution (DNS), Network Traffic, Change.

Built by
splunk product badge
Latest Version 1.0.4
February 8, 2022
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
Add-on for Linux Sysmon support icon
Not Supported
The Splunk Add-on for Linux Sysmon extract fields from syslog data. Add-On map events for CIM data models: Endpoint, Network Resolution (DNS), Network Traffic, Change. The Splunk Add-on for Linux Sysmon provides the parsing and CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.

Categories

Created By

Cedric HIEN

Type

addon

Downloads

15,666

Licensing

Splunk End User License for Third Party Content(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing