Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
Microsoft Defender AntiVirus - Technical Add-on app icon

Microsoft Defender AntiVirus - Technical Add-on

This extension for Splunk® is a rewrite of the Add-on already created by pdoconnell (TA-microsoft-windefender) that we adapt to our needs and requirements. This add-on is intended as a complement to the Splunk Add-on for Microsoft Windows, which also manages the basic operations of the field extraction from the xml or raw events. If you have installed that add-on you can also use this one to extract more information and present it according to CIM. Code is hosted on Github: https://github.com/nextpart/Defender_TA_nxtp

Built by Michael from NEXTPART Security Intelligence
splunk product badge
Latest Version 0.4.3
August 7, 2023
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1
CIM Version: 5.x, 4.x
Rating

5

(1)

Log in to rate this app
Support
Microsoft Defender AntiVirus - Technical Add-on support icon
Developer Supported addon
Learn more
Ranking

#42

in Endpoint
This extension for Splunk® is a rewrite of the Add-on already created by pdoconnell (TA-microsoft-windefender) that we adapt to our needs and requirements. This add-on is intended as a complement to the Splunk Add-on for Microsoft Windows, which also manages the basic operations of the field extraction from the xml or raw events. If you have installed that add-on you can also use this one to extract more information and present it according to CIM. Code is hosted on Github: https://github.com/nextpart/Defender_TA_nxtp

Categories

Created By

Michael from NEXTPART Security Intelligence

Source Code

Type

addon

Downloads

1,044

Licensing

Splunk Answers

Resources

Login to report this app listing