Ansible framework providing a fast and simple way to spin up complex Splunk environments.
Python; updated Dec 1, 2024
Unlock the power of Splunk SIEM for comprehensive log analysis. Collaborate and innovate with our Splunk Log Analysis Projects on GitHub.
Collection of Dashboards for Threat Hunting and more!
Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook
A home lab focused on setting up Splunk SIEM and real-world use cases. If you're interested in becoming a SOC analyst (Tier 1/2), this lab will help you with SOC tools, rules, queries, apps and integrations.
The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.
Plot relationships between objects with force directed graph based on ThreeJS/WebGL.
This TA takes Suricata 5 data from your port-mirrored Suricata server and makes it readable within Splunk. See the cheatsheets on how to set up a Suricata port-mirrored server.
Syntax highlighting for Splunk .conf files in Sublime Text 2 & 3
An NLog target that sends to the Splunk HTTP Event Collector (HEC)
A structured logging framework for .NET that supports log aggregation, e.g. Splunk
A log4net appender that sends to the Splunk HTTP Event Collector (HEC)
Write-up about sending Logstash data to Splunk using the HTTP Event Collector
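The NLog, log4net and Logstash entries above all end up speaking the same protocol: a POST to the HEC endpoint with the token in an `Authorization: Splunk <token>` header and one or more JSON event objects in the body. The following is an added illustration of that exchange in Python; it is not code from any repository listed on this page. The HEC URL, the token value and the sample events are assumptions made up for the example.

```python
"""Minimal Splunk HTTP Event Collector (HEC) client: builds a batched event
payload and posts it with the token in the Authorization header.

Added illustration, not code from any project on this page. The endpoint
URL, the token and the sample events below are hypothetical.
"""
import json
import ssl
import time
import urllib.request

HEC_URL = "https://splunk.example.com:8088/services/collector/event"  # assumed
HEC_TOKEN = "00000000-0000-0000-0000-000000000000"  # placeholder, assumed


def build_hec_batch(events, *, index=None, sourcetype="_json", host="app01"):
    """Return the request body for one HEC call.

    HEC accepts several JSON objects concatenated in one body (newline
    separated here for readability), so a batch costs one HTTP round trip.
    Each event carries its own timestamp as epoch seconds, which HEC uses
    as _time instead of the receive time.
    """
    lines = []
    for ev in events:
        obj = {
            "time": ev.get("time", time.time()),
            "host": host,
            "sourcetype": sourcetype,
            "event": ev["event"],
        }
        if index:
            obj["index"] = index
        lines.append(json.dumps(obj, separators=(",", ":")))
    return "\n".join(lines)


def parse_hec_response(body):
    """HEC answers with {"text": "...", "code": N}; code 0 is success.

    A non-zero code (for example an invalid token or a malformed event) is
    returned as an error string so the caller can alert on it rather than
    silently dropping the batch.
    """
    data = json.loads(body)
    if data.get("code") == 0:
        return None
    return "HEC error code %s: %s" % (data.get("code"), data.get("text"))


def send_batch(body, url=HEC_URL, token=HEC_TOKEN, cafile=None):
    """POST one batch. Verify the server certificate (cafile) rather than
    disabling TLS checks: the token is a bearer credential and would be
    exposed to any on-path host otherwise."""
    ctx = ssl.create_default_context(cafile=cafile)
    req = urllib.request.Request(
        url,
        data=body.encode("utf-8"),
        headers={
            "Authorization": "Splunk " + token,
            "Content-Type": "application/json",
        },
        method="POST",
    )
    with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
        return parse_hec_response(resp.read().decode("utf-8"))


# Constructed sample events (not real data).
SAMPLE_EVENTS = [
    {"time": 1733011200.0,
     "event": {"action": "login", "user": "alice", "result": "success"}},
    {"time": 1733011260.5,
     "event": {"action": "login", "user": "bob", "result": "failure"}},
]

if __name__ == "__main__":
    print(build_hec_batch(SAMPLE_EVENTS, index="main"))
    # send_batch(build_hec_batch(SAMPLE_EVENTS), cafile="/path/to/ca.pem")
```

Treat the HEC token like any other bearer credential: keep it out of source control, scope it to the indexes it needs on the Splunk side, and keep certificate verification on for the 8088 listener.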
This library is an abstraction for Splunk-related development, maintenance, or migration operations. It provides a single CLI or SDK to conveniently perform various operations such as managing a local development container, retrieving sample-data, building applications, comparing instances, managing knowledge objects and much more in the future.
Configuration files for creating a tiered deployment server
A useful tutorial about Splunk and Splunk security apps