The Cisco Umbrella App for Splunk provides dashboards and an interactive query exploration tool for reporting and analysis of Umbrella DNS logs.

bdalpe/SplunkforCiscoUmbrella

27 Commits

Cisco Umbrella App for Splunk

Description

The Cisco Umbrella App for Splunk provides dashboards and an interactive query exploration tool for reporting and analysis of Umbrella DNS logs. Quickly find security incidents, policy violations, and other DNS anomalies.

Installing

Download the .tgz file from the release page and install it on your Splunk search head.

By default, the Umbrella data model has acceleration disabled. To load dashboards faster, it is recommended to enable acceleration for at least the last 7 days.

Prerequisites

You'll need to have the following installed for the app to work correctly.

Legal

  • Cisco, Cisco Umbrella, and the Umbrella Logo are registered trademarks of Cisco.
  • The Orange OpenDNS Logo is a registered trademark of Cisco OpenDNS, LLC.
  • Company names, trademarks, and product logos are property of their respective owners. Use does not imply any affiliation or endorsement.
