Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
BitSight Company Findings app icon

BitSight Company Findings

# BitSight Findings Splunk TA Add-on The BitSight Splunk TA Add-on is designed to enhance integration between BitSight security ratings and Splunk, providing comprehensive visibility into company ratings and vulnerability findings directly within your Splunk environment. ## Features Dual Sourcetypes: Indexes two main sourcetypes: - `bitsight:companies`: Stores current company ratings and metadata. - `bitsight:findings`: Retrieves detailed vulnerability findings using the BitSight API `(GET /ratings/v1/companies/{guid}/findings?{params_set_on_input_stanza})` - Event Indexing: Each finding is indexed as a single event with CIM-field mapping for seamless integration with Splunk's Common Information Model (CIM). - Eventtype classification for Vulnerability data model. ## Installation - Clone or download the BitSight Findings Splunk TA repository. - Install the add-on in your Splunk environment: - For Splunk Enterprise, navigate to Apps > Manage Apps > Install app from file. - For Splunk Cloud, upload the add-on via Apps > Browse more apps. #### Inputs Configuration & Requirements - Configure input stanzas in Splunk to specify parameters for retrieving BitSight findings and company data. - A valid BitSight token - Company GUID for collection on specific company only ## Support You may reach out or send me a pint of IPA via [email protected]

Built by Daniel Astillero
splunk product badge
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1
CIM Version: 5.x, 4.x, 3.x
Rating

0

(0)

Log in to rate this app
Ranking

#28

in Vulnerability Scanner
# BitSight Findings Splunk TA Add-on The BitSight Splunk TA Add-on is designed to enhance integration between BitSight security ratings and Splunk, providing comprehensive visibility into company ratings and vulnerability findings directly within your Splunk environment. ## Features Dual Sourcetypes: Indexes two main sourcetypes: - `bitsight:companies`: Stores current company ratings and metadata. - `bitsight:findings`: Retrieves detailed vulnerability findings using the BitSight API `(GET /ratings/v1/companies/{guid}/findings?{params_set_on_input_stanza})` - Event Indexing: Each finding is indexed as a single event with CIM-field mapping for seamless integration with Splunk's Common Information Model (CIM). - Eventtype classification for Vulnerability data model. ## Installation - Clone or download the BitSight Findings Splunk TA repository. - Install the add-on in your Splunk environment: - For Splunk Enterprise, navigate to Apps > Manage Apps > Install app from file. - For Splunk Cloud, upload the add-on via Apps > Browse more apps. #### Inputs Configuration & Requirements - Configure input stanzas in Splunk to specify parameters for retrieving BitSight findings and company data. - A valid BitSight token - Company GUID for collection on specific company only ## Support You may reach out or send me a pint of IPA via [email protected]

Categories

Created By

Daniel Astillero

Type

addon

Downloads

91

Licensing

Splunk Answers

Resources

Login to report this app listing
OSZAR »