Latest Version 1.3.7
November 6, 2025
Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
SOCRadar TAXII 2.1
The SOCRadar TAXII 2.1 Add-on enables Splunk users to collect threat intelligence feeds from SOCRadar's TAXII 2.1 server. It automates the ingestion of indicators such as malicious IPs, domains, URLs, and file hashes into Splunk for security monitoring and threat hunting. The add-on supports multiple collection feeds, incremental data updates, and includes a dashboard for threat visibility.
Built by
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.1, 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
Rating
0
(0)
Log in to rate this app
Support
Developer Supported app
The SOCRadar TAXII 2.1 Add-on enables Splunk users to collect threat intelligence feeds from SOCRadar's TAXII 2.1 server. It automates the ingestion of indicators such as malicious IPs, domains, URLs, and file hashes into Splunk for security monitoring and threat hunting. The add-on supports multiple collection feeds, incremental data updates, and includes a dashboard for threat visibility.
Categories
Security, Fraud & Compliance, SIEM
Created By
SOCRadar Cyber Intelligence
Type
app
Downloads
235
Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing