Getting Data In

How to integrate Crowdstrike with Splunk?

splunker102
Loves-to-Learn Lots

I am looking for an add-on/API which can help to onboard all crowdstike related information to splunk.

I see that there is "CrowdStrike Falcon Devices Technical Add-On" available, it retrieves detailed data that the CrowdStrike Falcon sensor has collected about the device.

It does not collect the list of software installed on those devices.

 

For example,

We have 5000+ windows servers, and I want to check if XYZ software is installed or not !

Is there a way to collected installed software related info into splunk ?

Many thanks in advance!

 

Labels (1)
Tags (2)
0 Karma
Get Updates on the Splunk Community!

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

How I Instrumented a Rust Application Without Knowing Rust

As a technical writer, I often have to edit or create code snippets for Splunk's distributions of ...