Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/wazuh/wazuh-splunk
Wazuh - Splunk App
compliance file-integrity-management gdpr ids intrusion-detection log-analysis loganalyzer monitoring openscap ossec pci-dss policy-monitoring security security-awareness security-hardening splunk vulnerability-detection wazuh
Last synced: 4 days ago
- Host: GitHub
- URL: https://github.com/wazuh/wazuh-splunk
- Owner: wazuh
- License: gpl-2.0
- Created: 2017-05-23T20:06:01.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-09-17T12:48:04.000Z (3 months ago)
- Last Synced: 2024-12-08T22:24:50.547Z (14 days ago)
- Topics: compliance, file-integrity-management, gdpr, ids, intrusion-detection, log-analysis, loganalyzer, monitoring, openscap, ossec, pci-dss, policy-monitoring, security, security-awareness, security-hardening, splunk, vulnerability-detection, wazuh
- Language: JavaScript
- Homepage: https://wazuh.com
- Size: 34.5 MB
- Stars: 51
- Watchers: 31
- Forks: 27
- Open Issues: 83
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
- Security: SECURITY.md
README
# Splunk App for Wazuh
[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://wazuh.com/community/join-us-on-slack/)
[![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/wazuh)
[![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com)
[![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com)

The Wazuh App for Splunk offers an option to visualize _Wazuh Alerts_ and _API data_. Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level.
* * *
![Overview](SplunkOverview.png)
### Documentation
- [Wazuh App for Splunk installation guide](https://documentation.wazuh.com/current/deployment-options/splunk/index.html)
## Branches
- The `stable` branch corresponds to the last stable version of the Wazuh App.
- The `master` branch contains the latest code; be aware of possible bugs on this branch.

## Installation and Upgrade
### Requirements
1. A Wazuh Manager with a running and accessible API.
2. A __Splunk Universal Forwarder__ installed along with the Wazuh Manager.
3. At least one __Splunk Enterprise Indexer__.

### Using the Web User Interface (WUI)
1. Download the App package that matches your installation (Wazuh and Splunk version; check the [Compatibility Matrix](#compatibility-matrix)).
2. Go to the Splunk WUI main page and click on the **gear** icon (Manage Apps), at the sidebar.
3. Click on the `Install App from file` button.
4. Select and upload the downloaded App package.
5. Check the `Upgrade App` checkbox if a Wazuh App is already installed.
6. Click on `Upload`. A restart of the Indexer may be required.

### Using the Command Line Interface (CLI)
1. Download the App package that matches your installation (Wazuh and Splunk version; check the [Compatibility Matrix](#compatibility-matrix)).
2. If an older App is already installed, remove it using the Splunk binary:
```bash
$SPLUNK_HOME/bin/splunk remove app SplunkAppForWazuh
```
3. Install the App:
```bash
$SPLUNK_HOME/bin/splunk install app
```

### Compatibility Matrix
The compatibility matrix is available in the repository [wiki](https://github.com/wazuh/wazuh-splunk/wiki/Compatibility).
## Contribute
If you want to contribute to our project please don't hesitate to send a pull request. You can also join our users [mailing list](https://groups.google.com/d/forum/wazuh), by sending an email to , to ask questions and participate in discussions.
## Copyright & License
Copyright (C) 2015-2022 Wazuh, Inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
Find more information about this in the [LICENSE](LICENSE) file.
## References
- [Wazuh website](https://wazuh.com)
- [Wazuh documentation](https://documentation.wazuh.com)
- [Splunk documentation](http://docs.splunk.com/Documentation)