Read the Gartner® Competitive Landscape: Network Detection and Response Report
Read the Gartner® Competitive Landscape: Network Detection and Response Report
START HERE
WHY CORELIGHT
SOLUTIONS
CORELIGHT LABS
Close your ransomware case with Open NDR
OVERVIEW
PRODUCTS
SERVICES
ALLIANCES
USE CASES
10 Considerations for Implementing an XDR Strategy
March 28, 2018 by Corelight
We’re proud to announce the Corelight for Splunk app is available! Using the new app (and its associated Technology Add-on (TA)), you can now monitor the health and performance of Corelight Sensors in Splunk and explore the rich data Bro provides through a series of dashboards.
The Corelight for Splunk App, associated TA, and Q&A page are all on Splunkbase now.
If you’re using open-source Bro and you want to use Corelight’s app, you need to send your Bro logs to Splunk in a streaming format using JSON. To do so, install the json-streaming-logs Bro package using the Bro Package Manager, also directly available via GitHub.
In the next few months, we’ll be publishing more information about the app, including an FAQ and a longer blog post dedicated to highlighting its functionality and benefits.
In the meantime, let us know if you have any questions or concerns installing or using the new app: appsupport@corelight.com.
The Corelight Team
Tagged With: Zeek, Bro, Corelight, Network Security Monitoring, SIEM, Announcements, Splunk, Corelight Sensor, JSON, GitHub, Zeek Package Monitor