ZachChristensen28/TA-linux_iptables
TA-linux_iptables - Add-on for Linux Iptables

Documentation

Full documentation can be found at https://splunk-iptables.ztsplunker.com.

About

Info | Description
Version | 1.3.8 - See on Splunkbase
Vendor Product | RHEL/CentOS - firewalld, Ubuntu - UFW, built-in iptables (netfilter LOG target)
Add-on has a web UI | No. This add-on does not contain any views.

The TA-linux_iptables Add-on lets Splunk data administrators map Linux firewall (iptables, UFW and firewalld) log events to the Splunk Common Information Model (CIM), so the data can be used by CIM-aware apps such as Enterprise Security.

Release Notes

Version: 1.3.8

- Added a sample configuration for the syslog sourcetype, for hosts where iptables events are mixed into the general syslog feed.
- Updated the log_prefix field extraction to handle log prefixes that arrive surrounded by quotes.
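The following is an added example, not code or configuration from the add-on (which performs its extractions inside Splunk at search time). It illustrates in standalone Python the extraction work described above: pulling the log prefix out of netfilter LOG lines from iptables, UFW and firewalld, including the quoted-prefix case from this release, and mapping the remaining key=value pairs onto CIM Network Traffic style field names (src, dest, src_port, dest_port, transport, action, dvc, bytes). The sample log lines are constructed for this example, and deriving action from keywords in the prefix is an assumption of this example, not something the add-on documents here.

```python
import re

# Constructed sample lines for this example (not from the project or a real host).
# Line 1: plain iptables LOG target with a --log-prefix.
# Line 2: UFW's bracketed prefix; note LEN appears twice (IP header, then UDP).
# Line 3: firewalld-style prefix that arrived quoted, as some syslog pipelines emit it.
# Line 4: a non-netfilter kernel-less line that must be ignored.
SAMPLE_LOGS = [
    'Jun 10 12:00:01 fw1 kernel: [12345.678901] IPTABLES-DROP: IN=eth0 OUT= '
    'MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 '
    'LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=TCP SPT=51234 DPT=22 '
    'WINDOW=29200 RES=0x00 SYN URGP=0',
    'Jun 10 12:00:02 fw1 kernel: [12346.000000] [UFW BLOCK] IN=eth0 OUT= '
    'MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.9 DST=192.0.2.10 '
    'LEN=40 TOS=0x00 PREC=0x00 TTL=120 ID=4711 PROTO=UDP SPT=40000 DPT=53 LEN=20',
    'Jun 10 12:00:03 fw1 kernel: "FINAL_REJECT: " IN=ens3 OUT= '
    'MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.55 DST=192.0.2.10 '
    'LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=ICMP TYPE=8 CODE=0 ID=9 SEQ=1',
    'Jun 10 12:00:04 fw1 sshd[123]: Accepted publickey for alice from 192.0.2.3',
]

HEADER_RE = re.compile(
    r'^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+(?P<host>\S+)\s+kernel:\s*'
    r'(?:\[\s*\d+\.\d+\]\s*)?'      # optional kernel uptime stamp "[12345.678901]"
    r'(?P<prefix>.*?)\s*(?=IN=)'    # the log prefix is whatever precedes the first IN=
)
KV_RE = re.compile(r'(?P<key>[A-Z]+)=(?P<val>\S*)')


def normalize_prefix(raw):
    """Strip surrounding quotes, whitespace and a trailing colon from a LOG prefix."""
    p = raw.strip()
    if len(p) >= 2 and p[0] == p[-1] and p[0] in '"\'':
        p = p[1:-1]
    p = p.strip().rstrip(':').strip()
    return p or None


def action_from_prefix(prefix):
    """Assumed heuristic for this example: infer the CIM action from prefix keywords."""
    u = (prefix or '').upper()
    if any(w in u for w in ('DROP', 'BLOCK', 'REJECT', 'DENY')):
        return 'blocked'
    if any(w in u for w in ('ACCEPT', 'ALLOW')):
        return 'allowed'
    return 'unknown'


def parse_line(line):
    """Return a dict of CIM-style fields for a netfilter LOG line, or None otherwise."""
    m = HEADER_RE.match(line)
    if not m:
        return None
    fields = {}
    for kv in KV_RE.finditer(line[m.end():]):
        # setdefault keeps the first occurrence, so LEN is the IP packet length
        fields.setdefault(kv.group('key'), kv.group('val'))

    def as_int(key):
        val = fields.get(key, '')
        return int(val) if val.isdigit() else None

    prefix = normalize_prefix(m.group('prefix'))
    return {
        'dvc': m.group('host'),
        'log_prefix': prefix,
        'action': action_from_prefix(prefix),
        'src': fields.get('SRC'),
        'dest': fields.get('DST'),
        'src_port': as_int('SPT'),          # absent for ICMP
        'dest_port': as_int('DPT'),
        'transport': fields.get('PROTO', '').lower() or None,
        'bytes': as_int('LEN'),
        'src_interface': fields.get('IN') or None,
        'dest_interface': fields.get('OUT') or None,   # OUT= is empty on INPUT chain
    }


def parse_all(lines):
    """Parse a batch of raw lines, dropping anything that is not a netfilter event."""
    return [ev for ev in (parse_line(l) for l in lines) if ev is not None]


if __name__ == '__main__':
    for event in parse_all(SAMPLE_LOGS):
        print(event)
```

The quoted-prefix case is the one this release addresses: without the quote stripping in normalize_prefix, the third line would yield a log_prefix of `"FINAL_REJECT: "` rather than `FINAL_REJECT`, and any search or lookup keyed on the prefix would miss it. The ordering rule for repeated keys matters for UFW lines, where a second LEN for the UDP payload follows the IP header length.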

Issues or Feature Requests

Please open an issue or submit a feature request on GitHub.