Latest Version 1.0.1
November 30, 2023
Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
This app is archived. App archiving documentation
WatchGuard Endpoint Add-on for Splunk
The WatchGuard Endpoint Add-on for Splunk enables Splunk to collect and parse data from WatchGuard EPDR and Panda AD360. This app normalizes Endpoint logs ingested from SIEM Feeder into CIM-compliant datamodels for use with Splunk Enterprise Security and other Splunk Enterprise apps. You can also consume this data using the separate WatchGuard Visibility App for Splunk.
Built by
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0
CIM Version: 5.x
Rating
0
(0)
Log in to rate this app
Support
Not Supported
The WatchGuard Endpoint Add-on for Splunk enables Splunk to collect and parse data from WatchGuard EPDR and Panda AD360. This app normalizes Endpoint logs ingested from SIEM Feeder into CIM-compliant datamodels for use with Splunk Enterprise Security and other Splunk Enterprise apps. You can also consume this data using the separate WatchGuard Visibility App for Splunk.
Categories
Endpoint, Security, Fraud & Compliance
Created By
WatchGuard Technologies
Type
addon
Downloads
236
Licensing
ISC License(Opens new window)Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing