
Detection Backfill (Rerun and Healthcheck)

This TA can be used to fill detection gaps following an interruption in data collection. Once the data is recovered in Splunk, this application can be used to rerun the scheduled searches for the outage period.


Latest Version 1.5.3
February 18, 2025
Compatibility
Not Available
Platform Version: 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
CIM Version: 6.x, 5.x, 4.x, 3.x
Rating

0

(0)

Support
Developer Supported app
Ranking

#46

in SIEM
You can automatically create your list of backfills using a dedicated dashboard, based on an outage period and a regexp matching the saved searches that need to be rerun. You can manage the backlog of all your rescheduled searches (backfills are run periodically to avoid performance issues on the platform). You can monitor the reruns using the internal logs and the detailed logging provided by the Python scripts.

Categories

Created By

Alexandre Demeyer

Type

app

Downloads

877

Resources
