The Cisco AMP for Endpoints Splunk CIM Add-on provides a mechanism to map data from the Cisco AMP for Endpoints Events Input to the Splunk Common Information Model (CIM) for Malware detections.
This project is open source; please seek guidance on the project's GitHub page.
Fix setup page
Bug fixes
Bug fixes
Initial Release - AMP for Endpoints Event CIM Add-on