Get Started

          Announcing The New Corelight for Splunk App

          We’re proud to announce the Corelight for Splunk app is available!  Using the new app (and its associated Technology Add-on (TA)), you can now monitor the health and performance of Corelight Sensors in Splunk and explore the rich data Bro provides through a series of dashboards.

          pasted image 0

          The Corelight for Splunk App, associated TA, and Q&A page are all on Splunkbase now.

          If you’re using open-source Bro and you want to use Corelight’s app, you need to send your Bro logs to Splunk in a streaming format using JSON. To do so, install the json-streaming-logs Bro package using the Bro Package Manager, also directly available via GitHub.

          In the next few months, we’ll be publishing more information about the app, including an FAQ and a longer blog post dedicated to highlighting its functionality and benefits.  

          In the meantime, let us know if you have any questions or concerns installing or using the new app:

          The Corelight Team



            Recent Posts