Customer provides a global, continuously updated view of all of your Internet-connected assets and what they’re talking to.
Customer requested the development of Certified Splunk Add-on to integrate its platform with Splunk.
Sacumen developed the Certified Splunk Add-on that performs the following:
Correlate Exposures and Behavior data to internal events tracked in Splunk.
Create custom reporting, dashboards and visualizations.
Gain context for IPs, Exposures, and Risky Flows observed on your network perimeter.
Add-on for Splunk allows you to consume and access Events, Assets, and Behavior data through Splunk. You can configure your data as a Splunk data input, configure the add-on to use a proxy, search your data through the Splunk UI using Splunk data queries, and more.
The Add-on was built using Splunk Add-on builder and modular input in python language was written.
The Add-on supports Splunk version 7.x.
Add-on supported Retry mechanism, It supported setting logging level and proxy support.
Add-on supported CIM 4.x.
Do you need free Consultation for your security product integration?