All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

TA: Fidelis EDR - Forcepoint FW

0xAli
Explorer
3 weeks ago

Hi Everyone,
I hope all is good.

Looking for TA-Addon:

1. Forcepoint Firewall.

2. Fidelis EDR.

Looking for them at Splunk base, but I didnt see anything related to them.

Thanks in advace!

Labels (3)
0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
3 weeks ago

Hi @0xAli 

For Forepoint Firewall, I believe they brand this as Forcepoint NGFW which they have an integration document for at https://forcepoint.github.io/docs/ngfw_and_splunk/#source-code which references a TA (Data ingestion) and App (Dashboards/searches/extractions) on GitHub - however these havent been updated for over 5 years so I theres no guarantee these will still work. Its worth reaching out to your account team at Forcepoint to see if they have updated guidance on this.

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

0 Karma
Reply

kknairr
Communicator
3 weeks ago

@0xAli For Fidelis EDR, you may reach out to the vendor directly to see alternative way to ingest logs as no supported apps or add-ons are published in Splunkbase. Only SOAR app is present currently on Splunkbase for Fidelis.

Found an app for Forcepoint firewall which is supported by vendor and provided the integration documents and app link for your reference. 

Forcepoint app: Forcepoint Insights SIEM App | Splunkbase

Log Export Splunk App

Forcepoint Next-Gen Firewall and Splunk | Forcepoint Integration Docs

Fidelis EDR: (Old app link, no longer supported/archived)

Fidelis Endpoint Splunk Add-On | Splunkbase

SOAR app: Fidelis Network | Splunkbase

>>

If this post addressed your question, you can:

  • Give it karma to show appreciation 👍
  • Mark it as the solution if it solved your issue ✔️
  • Add a comment if you’d like more details ✏️

Acknowledging helpful answers keeps the community strong and motivates contributors to continue sharing their expertise.

>>

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...