Security Query based App for NetWitness Packets

This Splunk app connects to a NetWitness Concentrator/Broker via REST API. It polls the NetWitness device regularly to collect new session metadata matching the provided query, which Splunk then indexes. It tries to use the Common Information Model for most of the fields. For install and configuration instructions, check README.txt after extracting the app to $SPLUNK_HOME/etc/apps/.