Splunk-App-and-TA-development/TA-linux_secure

 
 

TA-linux_secure

Linux Secure Technology Add-On for Splunk

This app provides linux_secure field extractions and normalisation to the Common Information Model.

No configuration is required, and the app need only be installed on search heads (i.e. it contains no index-time transforms).

N.B. This app is intended to replace the security-relevant aspects of the Splunk Add-on for Unix and Linux (Splunk_TA_nix). The two may conflict, so it is strongly recommended that the Splunk_TA_nix app be removed from your search head before installing this app.

Further documentation is provided in the wiki here: https://github.com/doksu/TA-linux_secure/wiki
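
An added illustration of what field extraction and CIM normalisation mean for linux_secure events; it is not the add-on's own configuration, which runs at search time in Splunk. The sample lines, regexes and function names are constructed for this example; `action`, `app`, `user`, `src` and `dest` are field names from the CIM Authentication data model.

```python
import re
from collections import Counter

# Constructed sample lines in /var/log/secure style (documentation IP ranges).
SAMPLE = [
    "Mar  3 10:15:02 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2",
    "Mar  3 10:15:09 web01 sshd[2214]: Failed password for root from 203.0.113.5 port 51240 ssh2",
    "Mar  3 10:16:40 web01 sshd[2290]: Accepted publickey for alice from 198.51.100.7 port 40022 ssh2",
    "Mar  3 10:17:01 web01 CROND[2301]: pam_unix(crond:session): session opened for user root by (uid=0)",
]

# Syslog header: timestamp, host, process[pid]: message
HEADER = re.compile(
    r"^\w{3}\s+\d+ [\d:]{8} (?P<dest>\S+) (?P<app>[\w\-/]+)(?:\[\d+\])?: (?P<msg>.*)$"
)
# sshd result lines; "invalid user" is optional and must not be captured as the user name.
SSHD_AUTH = re.compile(
    r"^(?P<verb>Accepted|Failed) (?P<method>\S+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)
# Vendor wording mapped to the normalised action values.
ACTION = {"Accepted": "success", "Failed": "failure"}


def normalise(line):
    """Return CIM-style Authentication fields for an sshd auth line, else None."""
    head = HEADER.match(line)
    if not head or head["app"] != "sshd":
        return None
    auth = SSHD_AUTH.match(head["msg"])
    if not auth:
        return None
    return {
        "action": ACTION[auth["verb"]],
        "app": "sshd",
        "user": auth["user"],
        "src": auth["src"],
        "dest": head["dest"],
    }


def failures_by_src(lines):
    """Count failed logins per source, the kind of query normalised fields allow."""
    events = filter(None, map(normalise, lines))
    return dict(Counter(e["src"] for e in events if e["action"] == "failure"))


if __name__ == "__main__":
    for line in SAMPLE:
        print(normalise(line))
    print(failures_by_src(SAMPLE))
```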
