.. _splunk:

Security Onion App for Splunk
=============================

Enterprise customers utilizing Splunk can now install the Security Onion App for Splunk.

.. warning::

   The Security Onion App for Splunk is not officially supported at this time.

Requirements
------------

.. note::

    The Security Onion App for Splunk utilizes the Security Onion Connect API, which is an enterprise-level feature of Security Onion. Contact Security Onion Solutions, LLC via our website at https://securityonion.com/pro for more information about purchasing a Security Onion Pro license to enable this feature.

Configuration
-------------

See https://splunkbase.splunk.com/app/7887 to get started.

.. note::

    A Connect API Client must be created in the Security Onion API Clients screen. The API Client should be granted sufficient permissions needed to perform the tasks that the Splunk app will need to execute.