Splunk Enterprise Security

Threat intelligence framework


Hi ,

Can anyone provide me approach/steps for integrating threat intelligence framework to Splunk ES.

Also , how to pull active thread feed, export offensive IP list to CSV and get hash file list from API through endpoint URL(i have that URL) using python script .

I didn't understand clearly mentioned on Splunk doc so if anyone can put it together in simplified form.



Labels (1)
0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!