Solved: Can IBM AppScan integrate with Splunk?

R_B · ‎10-18-2017

Hello! I wanted to know if IBM AppScan can integrate with Splunk. Mainly, is there a way to ingest vulnerabilities from an IBM AppScan into Splunk? I don't see a Splunk add-on for AppScan and I haven't found any questions about this on the answer forums.

ragedsparrow · ‎10-18-2017

From what I've found, there's nothing pre-built as an "easy solution". According to this question it can be done using the AppScan SDK.

View solution in original post

ragedsparrow · ‎10-18-2017

From what I've found, there's nothing pre-built as an "easy solution". According to this question it can be done using the AppScan SDK.

R_B · ‎10-18-2017

Thanks for the quick reply! I see though. Seems like it's possible, but not easy. Have you seen anywhere if this has been done by somebody with Splunk yet?

ragedsparrow · ‎10-18-2017

I have not. I think most users integrate into QRadar, which has a direct integration, but nothing to Splunk that I've seen yet.

There is a git repository that uses the Splunk REST API to send messages from the IBM Integration Bus found here. Currently it looks like the IBM developer network is having issues right now, so I can't really search it.

R_B · ‎10-18-2017

I see, surprised nobody has tried it yet. Unless they have and just haven't posted anything about it. Would be interesting to do though. Oh that's good to know, thank you for the info!

Can IBM AppScan integrate with Splunk?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Index This | What travels the world but is also stuck in place?

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

Join the Conversation