I'd really like to use this app but so far no word on an update. 6.6 and 6.7 are the last compatible versions shown on the app's info page. Are they going to get this rolling for 7.x? Anyone have any idea?
That would be awesome if you could update the page. I installed it in our lab Splunk server and enjoyed working with it and see a lot of potential for the app. I'm eagerly anticipating everything being installed and ready to go. Thanks for responding.
Hi dhaertel!
There is a huge amount of work going into this. We should probably update the app's page to indicate it -- we've folded all the content from Splunk Security Essentials for Ransomware into the main Splunk Security Essentials app. That app now has 100 full-fledged detections, and in addition it indexes all of the other content in the world of Splunk security. In particular, version 2.0 of the app expanded with a new Security Monitoring pack targeted to similar customer pains as the Ransomware app.
Check out the app: https://apps.splunk.com/app/3435