
Splunk app for Mandiant & Bit 9

Splunk Employee

Are there any recommended apps on Splunkbase for Mandiant and Bit 9?


Re: Splunk app for Mandiant & Bit 9

Engager

There are currently no apps for Bit9 on Splunkbase. If you are an existing Bit9 customer, I suggest getting in touch with the PM at Bit9. We are interested in hearing about your use cases for a Splunk app for Bit9.


Re: Splunk app for Mandiant & Bit 9

Communicator

Bit9 just released an app https://apps.splunk.com/app/1790/ but it's for the v7.2 release that's in "Early Access".

Mandiant has an integration piece that's written for ArcSight. It'll send the logs to Splunk in CEF and you use the CEF TA to normalize them into Splunk. Talk to your Mandiant rep.


Re: Splunk app for Mandiant & Bit 9

Engager

Bit9 Platform 7.2 is now GA and available to all customers.

Happy splunking with Bit9 data!