Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
TA-UsersWatchlist app icon

TA-UsersWatchlist

This application provides an IOC watchlist which allows your analysts to manage list of monitored IOCs in self-service manner. This watchlist can be used to: 1) Enrich other lookups 2) Be used as source for your hunting correlation searches 3) Enrich your notables in Splunk ES

Built by
splunk product badge
screenshot
screenshot
Latest Version 2.0.4
November 28, 2023
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
Rating

0

(0)

Log in to rate this app
Support
TA-UsersWatchlist support icon
Developer Supported addon
This application provides an IOC watchlist which allows your analysts to manage list of monitored IOCs in self-service manner. This watchlist can be used to: 1) Enrich other lookups 2) Be used as source for your hunting correlation searches 3) Enrich your notables in Splunk ES See the documentation for more information about using the "Users Watchlist" dashboard (https://github.com/fkolacek/TA-UsersWatchlist/wiki). Audit trail: index=`users_watchlist_index` sourcetype=`users_watchlist_sourcetype` | table _time, user,, type, expire, monitor, reason | sort -_time

Categories

Created By

Frantisek Kolacek

Source Code

Type

addon

Downloads

412

Licensing

Splunk Answers

Resources

Log in to report this app listing