
OCSF TA for Linux

This TA lets you search your events using OCSF-compliant fields, as well as CIM, to support your current use cases. For the moment it covers Auditd specifically, as this is the most important data source: it ties everything from your STIG/CIS to your security use cases in Linux.


Latest Version 2.3.1
June 18, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 5.x
Rating

0

(0)

Ranking

#11

in Artificial Intelligence

Categories

Created By

Arkitech Security

Type

addon

Downloads

34

Resources
