Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
OpenCTI Add-on for Splunk app icon

OpenCTI Add-on for Splunk

OpenCTI is an open-source platform developed by Filigran to help organizations manage their cyber threat intelligence and observables. It enables cybersecurity teams to efficiently organize, store, and operationalize threat information across technical, operational, and strategic levels

Built by , an official Splunk Partner
splunk product badge
screenshot
screenshot
screenshot
Latest Version 1.1.7
January 13, 2026
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.1, 10.0, 9.4, 9.3, 9.2, 9.1, 9.0
CIM Version: 6.x, 5.x, 4.x
Rating

0

(0)

Log in to rate this app
Support
OpenCTI Add-on for Splunk support icon
Developer Supported addon
Ranking

#29

in Threat Intel
OpenCTI is an open-source platform developed by Filigran to help organizations manage their cyber threat intelligence and observables. It enables cybersecurity teams to efficiently organize, store, and operationalize threat information across technical, operational, and strategic levels OpenCTI Add-On for Splunk enables Splunk users to interconnect Splunk With OpenCTI and to leverage threat information to improve detection capabilities and response to security incidents. Key features: - Ability to ingest Indicators exposed through an OpenCTI live stream - Ability to trigger OpenCTI actions in response of Alerts and to investigate them directly in OpenCTI About Filigran Filigran (www.filigran.io) provides open-source cybersecurity solutions covering threat intelligence management, breach and attack simulation, and cyber risk management.

Categories

Threat Intel

Created By

Filigran, an official Splunk Partner

Source Code

OpenCTI Splunk Add-on(Opens new window)

Type

addon

Downloads

1,360

Licensing

Apache License Version 2.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing