Suricata app for splunk

Splunk Community
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Suricata app for splunk

Suricata app for splunk
Archived
Welcome to the Suricata app for Splunk. This app contains field extraction for Suricata fast.log and separate field extraction for Suricata ssh.json log. Suricata ssh.json it's a separate log for only ssh events (all ssh events in your traffic). Aslo in app you can find two dashboard. - First dashboard for analysis suricata fast.log - Second dashboad for visual analisis ssh.json log with function for flexible analysis by next field: data source, source and destination ip, server or client software, time.
Ask a Question View in Splunkbase
0 topics and 0 replies mentioned Suricata app for splunk in
Latest Topics
No posts to display.
Latest Replies
No posts to display.
Top Topics
No posts to display.
My Topics
No posts to display.