CCX Add-on for Abnormal Security Products (Email Security)

About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk. Description: The CCX Splunk Add-on for Abnormal Security Email looks to provide a single field extraction bundle for Abnormal Security logs and does not rely on any other Splunk Add-ons. This TA was built using a large dataset and endeavours to be the first and most CIM compliant comprehensive field extraction TA available for: - Abnormal Security - HTTP Event Collector (JSON) - source abnormal-security Fully compatible with Splunk Enterprise and Splunk Cloud, built by an Ops team for Ops teams. Features: - This TA currently supports logtypes tagged under the following CIM datamodels: Alerts, Authentication, Change, Email, and Intrusion Detection (IDS).