All Apps and Add-ons

Output Additional Sourcefire fields (Reference)

sparrowe
Explorer

Has anyone been able to successfully modify which fields are exported from the eStreamer interface? I am specifically wanting to output the "Reference" field which sometimes contains a list of applicable CVE's.

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...