SpyCloud Add-On for Splunk app icon

SpyCloud Add-On for Splunk

SpyCloud is the market leader in protecting enterprises and their customers from online fraud, account takeover, and follow-on attacks like ransomware. We provide an early warning of compromised credentials and malware-infected users, so you can take action before the criminals do.

Built by
splunk product badge
Latest Version 2.0.6
December 16, 2025
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.1, 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2
CIM Version: 6.x, 5.x, 4.x, 3.x
Rating

0

(0)

Log in to rate this app
Support
SpyCloud Add-On for Splunk support icon
Developer Supported addon
SpyCloud is the market leader in protecting enterprises and their customers from online fraud, account takeover, and follow-on attacks like ransomware. We provide an early warning of compromised credentials and malware-infected users, so you can take action before the criminals do. This add-on provides integration into SpyCloud’s Enterprise API, allowing you to download breach alerts directly into Splunk so you can take action immediately. This add-on uses the customer’s configured SpyCloud watchlist (domain(s), email(s) and IP address(es)) when determining what data to download into Splunk. The add-on setup requires the user to specify the index to use when storing data and a valid SpyCloud Enterprise ATO Protection API Key. The add-on pulls data on a predefined daily schedule which can be adjusted by the user. This data loaded by this add-on can be viewed using the SpyCloud Application for Splunk found here: https://splunkbase.splunk.com/app/6373/

Categories

Security, Fraud & Compliance, SIEM

Created By

CW Walker

Type

addon

Downloads

819

Licensing

Splunk End User License for Third Party Content(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing