Fleak OCSF Mapper

AI-powered OCSF mapping for custom and long-tail log sources. Generate parsers and rules from sample events, preview in Splunk, and apply at search time via the | fleakmapping command.

Latest Version 0.1.0
April 29, 2026
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.3, 10.2
Rating

5

(5)

Support
Developer Supported app
Fleak OCSF Mapper turns custom and long-tail log sources into clean, OCSF-normalized events inside Splunk, without hand-writing regex, transforms, or field aliases.

Paste a few sample events into the Mapping Studio. Fleak's AI service inspects the structure, generates a parser and an OCSF mapping expression, and lets you preview the result before deploying. Once a rule is saved, the included | fleakmapping search command streams events through the Zephflow engine and returns standardized OCSF fields, ready for downstream dashboards, SIEM rules, and security analytics.

Use cases:
- Onboard new vendor or proprietary log formats in minutes instead of weeks
- Normalize firewall, endpoint, identity, and application logs to a shared OCSF schema
- Reduce the regex and transforms toil that slows Splunk ingestion projects

Categories

Security, Fraud & Compliance, SIEM

Created By

Xing Guo

Type

app

Downloads

10
