Splunk Search Analyzer #97
Comments
+1
Hi @SivaPrem. We haven't gotten around to developing one yet and hopefully we'll be able to in the not-so-long term. We can't provide a date currently. We'll update the issue as soon as we can.
Hi, We have developed a Splunk analyser. We will need to do some cleanup for public release, but hopefully will be able to release it in the coming week or two.
@saadkadhi: Thank you very much, you guys rock. Missed Hack.lu / MISP Summit.
@BrevilleBro: Wow, that's amazing. Looking forward to it.
Excellent @BrevilleBro. I'll change the label to
Hi, Just keeping everyone updated. We are currently preparing the analyzer for release (next day or two). We will strip it back to a 'bare-bones' Splunk Search for compatibility; however, if anyone wants an example/release of a more environment-specific Splunk Search (i.e., proxy logs), please let me know.
@BrevilleBro: Perfect, that's good news! A search on proxy logs would be amazing to have!
Hi, We have released our Splunk analyser. @SivaPrem, let us know if you encounter any issues :) I have included a generic template/analyzer template, as well as more specific ones (although they may need to be customised to your environment).
@BrevilleBro: Awesome! Thanks for the efforts. I am gonna test it today, will update you.
Thanks @BrevilleBro for your contribution. @SivaPrem please let us know how it goes and we'll add it to the next release if everything is OK.
Any update on the next release? Can you help me with how I get this installed on my env now please? How do I add this to the current analyzers folder and TheHive?
Any update available?
Hi,
Hello everyone, Thank you
@LetMeR00t taking a look at your analyzer, but couldn't find any documentation beyond what is in the configuration options... is there some help/docs out there somewhere?
Hi @cbboggs,
Request Type
Feature Request
Hello All,
Thanks for the good work, team. TheHive comes in very handy in our SOC. I saw your presentation recently on Cortex and the possibility of having a Splunk Search option in the analyzers.
I would like to know in which version it is planned to be added.
If available, it would be very good.
Thank you.