Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Warning

This app is archived. App archiving documentation

Microsoft Defender AntiVirus - Technical Add-on app icon

Microsoft Defender AntiVirus - Technical Add-on

This extension for Splunk® is a rewrite of the Add-on already created by pdoconnell (TA-microsoft-windefender) that we adapt to our needs and requirements.

Built by
splunk product badge
Latest Version 0.4.3
August 7, 2023
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1
CIM Version: 5.x, 4.x
Rating

0

(0)

Log in to rate this app
Support
Microsoft Defender AntiVirus - Technical Add-on support icon
Not Supported
Ranking

#45

in Endpoint
This extension for Splunk® is a rewrite of the Add-on already created by pdoconnell (TA-microsoft-windefender) that we adapt to our needs and requirements. This add-on is intended as a complement to the Splunk Add-on for Microsoft Windows, which also manages the basic operations of the field extraction from the xml or raw events. If you have installed that add-on you can also use this one to extract more information and present it according to CIM. Code is hosted on Github: https://github.com/nextpart/Defender_TA_nxtp

Categories

Created By

Michael from NEXTPART Security Intelligence

Source Code

Defender_TA_nxtp(Opens new window)

Type

addon

Downloads

1,227

Licensing

Apache License Version 2.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing