Code on Github
Custom action for new casemanagement input
Add ticket info logging
Tried to make the SIEM log collection run in multi-process mode. Only multi-threading worked, but the performance is the same (roughly 5000 events per second).
Commented out the logging of credentials to avoid logging cleartext credentials in _internal
Workaround for stuck inputs based on the CrowdStrike add-on approach with a custom alert action.
Each input logs "Input <INPUT_NAME> has started." every time it is called.
An alert can be constructed to trigger the custom action to disable and re-enable a specific input if this string is missing from the internal logs of Splunk for a while.
Fix SIEM API decoding errors
Correction to avoid field with the name 'source'
Added SIEM API input.
Small bug fixes.
1.1.0
Unofficial Splunk add-on for Akamai Prolexic, DNS and GTM ingestion, written in Python 3.7.
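The stuck-input check from the release notes above (alerting when "Input <INPUT_NAME> has started." stops appearing in the internal logs), as an added Python example rather than the add-on's own code. The timestamp layout, the input names and the six-minute threshold are assumptions, and the sample log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Heartbeat text is from the release note; the timestamp prefix is an assumed layout.
HEARTBEAT = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d{3} .*?"
    r"Input (?P<name>\S+) has started\."
)

# Constructed sample lines with hypothetical input names, not real add-on output.
SAMPLE_LOG = """\
2024-05-01 10:00:01,120 INFO Input akamai_siem has started.
2024-05-01 10:00:02,450 INFO Input akamai_gtm has started.
2024-05-01 10:05:01,310 INFO Input akamai_gtm has started.
2024-05-01 10:05:03,002 ERROR SIEM API decoding error, retrying
2024-05-01 10:10:01,118 INFO Input akamai_gtm has started.
"""


def last_heartbeats(log_text):
    """Return {input_name: datetime of the most recent heartbeat line}."""
    seen = {}
    for line in log_text.splitlines():
        m = HEARTBEAT.match(line)
        if not m:
            continue  # errors and other messages are not heartbeats
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        name = m.group("name")
        if name not in seen or ts > seen[name]:
            seen[name] = ts
    return seen


def stuck_inputs(log_text, expected, now, max_silence):
    """Names in `expected` with no heartbeat within `max_silence` of `now`.

    An input that never logged at all is reported too; a search over
    heartbeat lines alone would silently miss it.
    """
    seen = last_heartbeats(log_text)
    return sorted(
        name for name in expected
        if name not in seen or now - seen[name] > max_silence
    )


if __name__ == "__main__":
    now = datetime(2024, 5, 1, 10, 12, 0)
    expected = ["akamai_siem", "akamai_gtm", "akamai_dns"]
    print(stuck_inputs(SAMPLE_LOG, expected, now, timedelta(minutes=6)))
```

Comparing against a list of expected inputs matters because an input that stalls before its first run produces no heartbeat line at all.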