Collecting Stormshield logs

BRFZ · ‎08-26-2024

Hello,

I need to collect logs from a firewall Stormshield. Do you have any suggestions on how to gather these logs, or is there a specific add-on available for this purpose? Thank you in advance.

gcusello · ‎08-26-2024

Hi @BRFZ ,

you can use the Stormshield_TA (https://splunkbase.splunk.com/app/3069).

ciao.

Giuseppe

BRFZ · ‎08-26-2024

Hello,

I've noticed that the application is marked as archived and unsupported. When I try to download it from your link, I receive the following message: "Archived apps are unsupported. These apps were removed from Splunkbase or archived by the developer. Splunk does not provide support for these apps."

gcusello · ‎08-26-2024

Hi @BRFZ ,

you have only one solution, use it and maintain by yourself.

Otherwise you should create your own custom add-on that's the same thing!

Ciao.

Giuseppe

Collecting Stormshield logs

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation

Collecting Stormshield logs

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future