Splunk and TheHive integration

bil151515 · ‎02-03-2021

Hey!
My team is interested in integration of Splunk (especially ES) and TheHive Project products.

The goal is to provide automated sending Splunk Alerts (Notable Events in case of ES) to TheHive platform for further automatic analysis by Cortex and returning results back to Splunk.

I don't have any experience in stuff like that so I would like to get any ideas of solving this problem.

Maybe anyone have done that before on their project and would like to share any solutions?

splunkreal · ‎07-18-2024

Hello @bil151515 we have done it successfully if needed.

* If this helps, please upvote or accept solution if it solved *

Bubbleob · ‎08-11-2024

Can you expand on how your team did it? Ideally with step-by-step methods.

splunkreal · ‎01-20-2026

Hello @Bubbleob sorry for late response, using https://splunkbase.splunk.com/app/5329

* If this helps, please upvote or accept solution if it solved *

Splunk and TheHive integration

field extraction

HTTP Event Collector

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Join the Conversation

Splunk and TheHive integration

field extraction

HTTP Event Collector

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk