The Trellix SIA Support team officially developed a new ecosystem by integrating key Trellix features from Trellix ePO SaaS and Trellix Insights directly within the Splunk server. This integration is achieved through the Trellix ePO SaaS Connector app for Splunk. The enhanced ecosystem gives Splunk administrators the following functionality:

- Apply Trellix ePO SaaS tags to devices using the sourceipv4 attribute.
- Remove Trellix ePO SaaS tags from devices using the sourceipv4 attribute.
- Enrich endpoint system data from Trellix ePO SaaS for devices using the sourceipv4 attribute.
- Ingest Trellix ePO SaaS threat events into the Splunk server for correlation.
- Ingest Trellix Insights events into the Splunk server for correlation.
- Visualize event data through graphical representations in the Dashboard.

This integration enhances the functionality and effectiveness of both the Trellix and Splunk platforms, enabling streamlined management, analysis, and visualization of security and operational data for administrators.