There are many apps in Splunkbase, some from well-known companies and developers, so I assume those are safe. What about other apps? Are they reviewed by Splunk before being published?
There is always a risk if you run third-party written software. Not necessarily due to malice but maybe due to mistakes and sloppy programming.
My own private policy is that I trust apps built by Splunk, I am cautious towards apps written by solution vendors (like checkpoint-supplied app for checkpoint appliances) because they often don't know Splunk well enough and make too many false assumptions about your environment. And I unpack and manually look into other apps.
That's in a production environment. I have a slightly more relaxed approach in my home setup.
@johnwww - Long story short.
Yes, they are validated by Splunk but not by Security Penetration testers.
So use with caution. Or you can check them yourself: when you download the App you will get the code as well, so you can validate them yourself if you want.
I hope this helps!!!
Hi
My expectations are that Splunk only does an automatic technical review, e.g. by AppInspect, to ensure that those apps are following their best practices and minimum requirements. But they are not doing any code review or other security-related analysis for those. Personally, if I need to take some app from a "non big brand", I do those reviews myself and/or try to find any reviews about it. And please remember it's your own decision and your responsibility to choose those. No warranty from anyone else.
r. Ismo
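Added example (not part of any post in this thread, and not Splunk's own tooling): a first-pass triage for the manual review described in the replies above. It reads a downloaded app package without extracting it and lists the files and conf stanzas worth reading first. The app name `demo_app` and its contents are constructed sample data; the report keys are this example's own naming.

```python
import io, re, tarfile
from pathlib import PurePosixPath

# Conf files whose stanzas make Splunk run code shipped in the app.
CODE_CONFS = {"inputs.conf", "commands.conf", "restmap.conf", "alert_actions.conf"}
STANZA = re.compile(r"^\[([^\]]+)\]\s*$", re.MULTILINE)

def triage_app(fileobj):
    """List what to read first in a Splunk app package, without extracting it."""
    report = {"unsafe_entries": [], "code_files": [], "executable": [], "stanzas": {}}
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for m in tar.getmembers():
            p = PurePosixPath(m.name)
            # Entries that would land outside the app directory, or links.
            if p.is_absolute() or ".." in p.parts or m.issym() or m.islnk():
                report["unsafe_entries"].append(m.name)
            elif m.isfile():
                if "bin" in p.parts[1:-1]:
                    report["code_files"].append(m.name)
                if m.mode & 0o111:
                    report["executable"].append(m.name)
                if p.name in CODE_CONFS and p.parent.name in ("default", "local"):
                    text = tar.extractfile(m).read().decode("utf-8", "replace")
                    found = STANZA.findall(text)
                    if p.name == "inputs.conf":  # keep scripted inputs only
                        found = [s for s in found if s.startswith("script://")]
                    if found:
                        report["stanzas"][m.name] = found
    return report

def build_sample():
    """Constructed sample package for a hypothetical app 'demo_app'."""
    files = {
        "demo_app/default/inputs.conf":
            (b"[script://./bin/collect.sh]\ninterval = 60\n[monitor:///tmp/x.log]\n", 0o644),
        "demo_app/default/commands.conf": (b"[enrich]\nfilename = enrich.py\n", 0o644),
        "demo_app/bin/collect.sh": (b"#!/bin/sh\necho ok\n", 0o755),
        "demo_app/bin/enrich.py": (b"print('ok')\n", 0o644),
        "../outside.txt": (b"x", 0o644),
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, (data, mode) in files.items():
            info = tarfile.TarInfo(name)
            info.size, info.mode = len(data), mode
            tar.addfile(info, io.BytesIO(data))
    return io.BytesIO(buf.getvalue())

if __name__ == "__main__":
    print(triage_app(build_sample()))
```

For a real download, pass `open("package.tgz", "rb")` instead of the sample; the output is a reading list for the reviewer, not a verdict on the app.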
Hi @johnwww,
When an App is uploaded to Splunkbase it's subjected to many controls, especially on scripts; to my knowledge they are safe. For more info, you can see all the terms of use here: https://www.splunk.com/en_us/legal/terms/terms-of-use.html?301=/en_us/terms-of-use.html&301=/view/SP...
In addition, here https://www.splunk.com/en_us/legal/export-controls.html?301=/en_us/export-controls.html&301=/view/SP... you can find the Export Controls.
Ciao.
Giuseppe
Splunk does not control the Community Content, identified in section 4.3 (“Community Content”) posted on the Site and, as such, does not guarantee the accuracy, integrity or quality of such Community Content