curbengh/splunk-scripts

Splunk add-ons, patches and setup scripts

Packaging Splunk apps

python build.py -d path/to/app-folder -o path/to/output-folder

build.py is needed to remove the execute permission from all files. Splunk Cloud rejects any app that contains files with execute permission outside the "bin/" folder. Some folders have a custom build.py that builds a patched add-on.
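The sketch below is an added example, not this repository's build.py: it packages an app folder while clearing execute bits on regular files, and audits an existing package for executable files outside "bin/". The function names, the ".tar.gz" output name and the archive layout (app folder as the archive root) are assumptions.

```python
import os
import stat
import tarfile

EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH


def _strip_exec(member: tarfile.TarInfo) -> tarfile.TarInfo:
    """Clear execute bits on regular files; directories keep theirs for traversal."""
    if member.isfile():
        member.mode &= ~EXEC_BITS
    return member


def package_app(app_dir: str, out_dir: str, strip: bool = True) -> str:
    """Write <out_dir>/<app>.tar.gz (assumed name) with the app folder as archive root."""
    app_name = os.path.basename(os.path.normpath(app_dir))
    out_path = os.path.join(out_dir, app_name + ".tar.gz")
    with tarfile.open(out_path, "w:gz") as tar:
        # The filter rewrites each member's mode inside the archive only;
        # files on disk are left untouched.
        tar.add(app_dir, arcname=app_name, filter=_strip_exec if strip else None)
    return out_path


def exec_outside_bin(package_path: str) -> list[str]:
    """Return archive members that are executable regular files outside <app>/bin/."""
    offenders = []
    with tarfile.open(package_path, "r:gz") as tar:
        for member in tar.getmembers():
            parts = member.name.split("/")
            # Member names look like "<app>/bin/script.py" (assumed layout).
            in_bin = len(parts) > 2 and parts[1] == "bin"
            if member.isfile() and member.mode & EXEC_BITS and not in_bin:
                offenders.append(member.name)
    return sorted(offenders)
```

Running `exec_outside_bin` on a package before upload lists the files that would trigger the rejection described above.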

Export Cloudflare DNS records to Splunk

Run nmap port scanner and ingest the XML result into Splunk.

Splunk Enterprise setup.

Universal Forwarder setup.

The iplocation bundled database located at "$SPLUNK_HOME/share/GeoLite2-City.mmdb" is only updated with each Splunk release. Use updateiplocation to update it manually.