Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
CCX Rapid7 Products Extensions (InsightVM and Nexpose) app icon

CCX Rapid7 Products Extensions (InsightVM and Nexpose)

About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk. Description: The CCX Add-on for Rapid7 Products Extensions looks to provide additional field extraction and CIM compliance for Rapid7 log sources captured via the Add-on Rapid7 InsightVM Technology Add-On for Splunk or Rapid7 Nexpose Technology Add-On for Splunk. This Technical Add-on does not replace the public Splunk Add-on for Rapid7 InsightVM (https://splunkbase.splunk.com/app/5097) or Rapid7 Nexpose (https://splunkbase.splunk.com/app/3457) but works as an additional extension to be deployed on Search Heads (only). Currently this add-on provides additional extraction and CIM compliance for sourcetypes: - rapid7:nexpose:vuln - rapid7:insightvm:asset - rapid7:insightvm:asset:vulnerability_finding - rapid7:insightvm:vulnerability_definition Fully compatible with Splunk Enterprise and Splunk Cloud, built by an Ops team for Ops teams. Features: - This TA supports logtypes tagged under the following CIM datamodels: Alerts, Inventory, and Vulnerabilities.

Built by Henrique Linsmeyer
splunk product badge
Latest Version 1.0.4
October 4, 2023
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1
CIM Version: 5.x, 4.x
Rating

0

(0)

Log in to rate this app
Support
CCX Rapid7 Products Extensions (InsightVM and Nexpose) support icon
Developer Supported addon
About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk. Description: The CCX Add-on for Rapid7 Products Extensions looks to provide additional field extraction and CIM compliance for Rapid7 log sources captured via the Add-on Rapid7 InsightVM Technology Add-On for Splunk or Rapid7 Nexpose Technology Add-On for Splunk. This Technical Add-on does not replace the public Splunk Add-on for Rapid7 InsightVM (https://splunkbase.splunk.com/app/5097) or Rapid7 Nexpose (https://splunkbase.splunk.com/app/3457) but works as an additional extension to be deployed on Search Heads (only). Currently this add-on provides additional extraction and CIM compliance for sourcetypes: - rapid7:nexpose:vuln - rapid7:insightvm:asset - rapid7:insightvm:asset:vulnerability_finding - rapid7:insightvm:vulnerability_definition Fully compatible with Splunk Enterprise and Splunk Cloud, built by an Ops team for Ops teams. Features: - This TA supports logtypes tagged under the following CIM datamodels: Alerts, Inventory, and Vulnerabilities.

Categories

Created By

Henrique Linsmeyer

Type

addon

Downloads

297

Licensing

Splunk Answers

Resources

Login to report this app listing