Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
SpyCloud Add-On for Splunk app icon

SpyCloud Add-On for Splunk

SpyCloud is the market leader in protecting enterprises and their customers from online fraud, account takeover, and follow-on attacks like ransomware. We provide an early warning of compromised credentials and malware-infected users, so you can take action before the criminals do. This add-on provides integration into SpyCloud’s Enterprise API, allowing you to download breach alerts directly into Splunk so you can take action immediately. This add-on uses the customer’s configured SpyCloud watchlist (domain(s), email(s) and IP address(es)) when determining what data to download into Splunk. The add-on setup requires the user to specify the index to use when storing data and a valid SpyCloud Enterprise ATO Protection API Key. The add-on pulls data on a predefined daily schedule which can be adjusted by the user. This data loaded by this add-on can be viewed using the SpyCloud Application for Splunk found here: https://splunkbase.splunk.com/app/6373/

Built by CW Walker
splunk product badge
Latest Version 2.0.4
June 20, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2
Rating

0

(0)

Log in to rate this app
Support
SpyCloud Add-On for Splunk support icon
Developer Supported addon
Ranking

#42

in SIEM
SpyCloud is the market leader in protecting enterprises and their customers from online fraud, account takeover, and follow-on attacks like ransomware. We provide an early warning of compromised credentials and malware-infected users, so you can take action before the criminals do. This add-on provides integration into SpyCloud’s Enterprise API, allowing you to download breach alerts directly into Splunk so you can take action immediately. This add-on uses the customer’s configured SpyCloud watchlist (domain(s), email(s) and IP address(es)) when determining what data to download into Splunk. The add-on setup requires the user to specify the index to use when storing data and a valid SpyCloud Enterprise ATO Protection API Key. The add-on pulls data on a predefined daily schedule which can be adjusted by the user. This data loaded by this add-on can be viewed using the SpyCloud Application for Splunk found here: https://splunkbase.splunk.com/app/6373/

Categories

Created By

CW Walker

Type

addon

Downloads

707

Licensing

Splunk Answers

Resources

Login to report this app listing