Cloud Inspector

Cloud Inspector reveals web access footprints based on logs from firewalls and web gateways. It helps administrators keep up-to-the-minute intelligence about the web applications being accessed by internal users. This app ingests CIM-compliant logs. Along with its unique cloud reputation service, it lets administrators understand:

1. The top risky web applications being accessed.
2. The endpoints (users or devices) that generate the most access records.
3. Geographic locations of the web applications being accessed.
4. Activity comparison with previous periods.

Supported CIM-compliant logs: This app extracts web sites from the site, url or dest field of the Common Information Model (CIM) Web data model. The priority is site > url > dest. The following CIM-compliant products (sourcetype) have been verified:

1. Palo Alto (pan:threat)
2. Fortinet FortiGate (fgt_utm)
3. Forcepoint Web Security (websense:cg:kv)