SA-IdentityAssetExtraction

The Splunk SA-IdentityAssetExtraction add-on works with various data sources to create and populate asset and identity information. Asset and identity information within this app is integrated with Enterprise Security (ES) Identity framework to enrich and correlate events with customer-defined information. Supported sources for identity collection: - Active directory (via SA-ldapsearch) Supported sources for asset collection: - Active directory (via SA-ldapsearch) - Splunk deployment clients - AWS EC2 (via Splunk App for AWS) - ServiceNow CMDB (future) - Microsoft SCCM (future) - McAfee ePO (future) Project found at https://github.com/hire-vladimir/SA-IdentityAssetExtraction. Interested in contributing? Create a pull request or open an issue on GitHub!

Built by vladimi r

Last Updated

June 30, 2023

Compatibility

Not Available

Rating

0

(0)

Log in to rate this app

Support

Not Supported

Learn more

The Splunk SA-IdentityAssetExtraction add-on works with various data sources to create and populate asset and identity information. Asset and identity information within this app is integrated with Enterprise Security (ES) Identity framework to enrich and correlate events with customer-defined information. Supported sources for identity collection: - Active directory (via SA-ldapsearch) Supported sources for asset collection: - Active directory (via SA-ldapsearch) - Splunk deployment clients - AWS EC2 (via Splunk App for AWS) - ServiceNow CMDB (future) - Microsoft SCCM (future) - McAfee ePO (future) Project found at https://github.com/hire-vladimir/SA-IdentityAssetExtraction. Interested in contributing? Create a pull request or open an issue on GitHub!