The TeamViewer Add-on for Splunk collects and parses TeamViewer log files from Windows endpoints, enabling monitoring and security analysis of remote access sessions. The add-on ingests log data from TeamViewer 15.x installations, including session logs, network connection reports, and audit data. It provides field extractions that map TeamViewer events to the Common Information Model (CIM), specifically the Authentication, Network Sessions, Network Traffic, and Data Access data models. The add-on defines two source types: teamviewer for general session and audit logs, and teamviewer:network for network connection details. By normalizing TeamViewer data into CIM-compliant fields, the add-on enables correlation with other security data sources and supports use cases such as remote access auditing, connection monitoring, and security investigations involving remote support sessions.
Categories
IT Operations, Security, Fraud & Compliance
Created By
Netbytesec Sdn Bhd