Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
CrowdStrike Unified Alerts Technical Add-On app icon

CrowdStrike Unified Alerts Technical Add-On

CrowdStrike Unified Alert Add-on provide CrowdStrike customers with the ability to collect multiple types of detections and alerts from a single Splunk Add-on leveraging CrowdStrike's Unified Alerts API. The data sets provided in the Unified Alerts events are some of the most comprehensive provided via CrowdStrike API. Customers that want to collect more detailed information around detections than what's provided in the Event Streams API should deploy this add-on.

Built by
splunk product badge
screenshot
screenshot
Latest Version 2.3.1
December 26, 2023
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0
CIM Version: 5.x
Rating

0

(0)

Log in to rate this app
Support
CrowdStrike Unified Alerts Technical Add-On support icon
Developer Supported addon
Ranking

#48

in Endpoint
CrowdStrike Unified Alert Add-on provide CrowdStrike customers with the ability to collect multiple types of detections and alerts from a single Splunk Add-on leveraging CrowdStrike's Unified Alerts API. The data sets provided in the Unified Alerts events are some of the most comprehensive provided via CrowdStrike API. Customers that want to collect more detailed information around detections than what's provided in the Event Streams API should deploy this add-on. NOTE: The types of detections shown depend on the active Falcon subscriptions. The some examples of the types of detections that are available for collection are: Endpoint detections Mobile detections Identity-based detections Cloud runtime detections

Categories

Created By

CrowdStrike

Type

addon

Downloads

1,016

Licensing

Splunk Answers

Resources

Log in to report this app listing