Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
TA-UsersWatchlist app icon

TA-UsersWatchlist

This application provides an IOC watchlist which allows your analysts to manage list of monitored IOCs in self-service manner. This watchlist can be used to: 1) Enrich other lookups 2) Be used as source for your hunting correlation searches 3) Enrich your notables in Splunk ES See the documentation for more information about using the "Users Watchlist" dashboard (https://github.com/fkolacek/TA-UsersWatchlist/wiki). Audit trail: index=`users_watchlist_index` sourcetype=`users_watchlist_sourcetype` | table _time, user,, type, expire, monitor, reason | sort -_time

Built by Frantisek Kolacek
splunk product badge
Latest Version 2.0.4
November 28, 2023
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
Rating

0

(0)

Log in to rate this app
Support
TA-UsersWatchlist support icon
Developer Supported addon
This application provides an IOC watchlist which allows your analysts to manage list of monitored IOCs in self-service manner. This watchlist can be used to: 1) Enrich other lookups 2) Be used as source for your hunting correlation searches 3) Enrich your notables in Splunk ES See the documentation for more information about using the "Users Watchlist" dashboard (https://github.com/fkolacek/TA-UsersWatchlist/wiki). Audit trail: index=`users_watchlist_index` sourcetype=`users_watchlist_sourcetype` | table _time, user,, type, expire, monitor, reason | sort -_time

Categories

Created By

Frantisek Kolacek

Source Code

Type

addon

Downloads

356

Licensing

Splunk Answers

Resources

Login to report this app listing