This is the Splunk schema extension repository.
This extension is designed to work with the OCSF schema version 1.0.0-rc.2. The extension some adds fields specific to Splunk's internal usage, plus back-ports of a number of changes from later versions of the schema to work with 1.0.0-rc.2.