Add_on_Security_Onion

This Technology Add-on (TA) provides field extractions, event types, tags, and lookups to normalize Security Onion Zeek and Suricata logs to the Splunk Common Information Model (CIM). It enables better visibility into network security events and integrates seamlessly with Splunk Enterprise Security.

Latest Version 1.0.0
September 7, 2025
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
CIM Version: 6.x
Support
Developer Supported addon

Categories

Network Security

Created By

Sachin Mestry

Type

addon

Downloads

15
