Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
Sophos Central app icon

Sophos Central

# Sophos Central Data Ingestor The official Sophos developed and supported application for Sophos Central ##Functionality This app will allow you to select and ingest multiple Sophos Central data sources without the need of an accompanying script. Includes Data from the below endpoints. and conforms to the CIM 4.x data model. * Central Endpoints API * Central Alerts API * Central SIEM Events API ## Requirements Requires a Sophos API Service Principal account for authentication see our getting started guide for details on API credential creation. * Getting Started for Enterprise Customers: https://developer.sophos.com/getting-started-organization * Getting Started for Partners: https://developer.sophos.com/getting-started * Getting Started for Tenants: https://developer.sophos.com/getting-started-tenant * Add-on Installation Guide: https://community.sophos.com/sophos-integrations/w/integrations/109/splunk-add-on-for-sophos-central * Feedback and Support Forum: https://community.sophos.com/sophos-integrations/f/splunk-apps-for-central-and-sophos-firewall Use the accompanying Sophos Dashboard App to get insightful dashboards across Central Data, XG data, or both if using both date sources: https://splunkbase.splunk.com/app/6188/

Built by Sophos Integrations
splunk product badge
Latest Version 1.1.6
January 31, 2025
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
Rating

5

(4)

Log in to rate this app
Support
Sophos Central support icon
Developer Supported addon
Learn more
# Sophos Central Data Ingestor The official Sophos developed and supported application for Sophos Central ##Functionality This app will allow you to select and ingest multiple Sophos Central data sources without the need of an accompanying script. Includes Data from the below endpoints. and conforms to the CIM 4.x data model. * Central Endpoints API * Central Alerts API * Central SIEM Events API ## Requirements Requires a Sophos API Service Principal account for authentication see our getting started guide for details on API credential creation. * Getting Started for Enterprise Customers: https://developer.sophos.com/getting-started-organization * Getting Started for Partners: https://developer.sophos.com/getting-started * Getting Started for Tenants: https://developer.sophos.com/getting-started-tenant * Add-on Installation Guide: https://community.sophos.com/sophos-integrations/w/integrations/109/splunk-add-on-for-sophos-central * Feedback and Support Forum: https://community.sophos.com/sophos-integrations/f/splunk-apps-for-central-and-sophos-firewall Use the accompanying Sophos Dashboard App to get insightful dashboards across Central Data, XG data, or both if using both date sources: https://splunkbase.splunk.com/app/6188/

Categories

Created By

Sophos Integrations

Type

addon

Downloads

3,662

Licensing

Splunk Answers

Resources

Login to report this app listing