Splunk Dev

get data in splunk using virustotal data

weicheng98
Path Finder

Hi how do I get data into splunk using virus total data ? Is there a way where I can call the virustotal api key in splunk and then use splunk to fetch the virus total data ?

[edit]

I have already installed a universal forwarder on my ubuntu virtual machine.

0 Karma

deepashri_123
Motivator

Hey @weicheng98,

You can try using this app :
https://splunkbase.splunk.com/app/3606/#/details

Let me know if this helps!!

0 Karma

weicheng98
Path Finder

Hi @deepashri_123,

I have tried the add-on itself but how about if I want to write a python script to get the results from the virus total api, and then use the scripted input to show the results in the Splunk's search and reporting, how would I go about doing that ?

I have taken inspiration from this link but still not sure how his code is able to show its results on splunk.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...