SpyCloud Add-On for Splunk app icon

SpyCloud Add-On for Splunk

SpyCloud is the market leader in protecting enterprises and their customers from online fraud, account takeover, and follow-on attacks like ransomware. We provide an early warning of compromised credentials and malware-infected users, so you can take action before the criminals do.

Built by CW Walker
splunk product badge
Latest Version 3.3.3
June 5, 2026
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.4, 10.3, 10.2, 10.1, 10.0
CIM Version: 8.x, 6.x, 5.x, 4.x, 3.x
Rating

3

(2)

Log in to rate this app
Support
SpyCloud Add-On for Splunk support icon
Developer Supported addon
SpyCloud is the market leader in protecting enterprises and their customers from online fraud, account takeover, and follow-on attacks like ransomware. We provide an early warning of compromised credentials and malware-infected users, so you can take action before the criminals do. This add-on provides integration into SpyCloud’s Enterprise API, allowing you to download breach alerts directly into Splunk so you can take action immediately. This add-on uses the customer’s configured SpyCloud watchlist (domain(s), email(s) and IP address(es)) when determining what data to download into Splunk. The add-on setup requires the user to specify the index to use when storing data and a valid SpyCloud Enterprise ATO Protection API Key. The add-on pulls data on a predefined daily schedule which can be adjusted by the user. This data loaded by this add-on can be viewed using the SpyCloud Application for Splunk found here: https://splunkbase.splunk.com/app/6373/

Categories

Security, Fraud & Compliance, SIEM

Created By

CW Walker

Type

addon

Downloads

901

Licensing

Splunk End User License for Third Party Content(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing