Security Onion App for Splunk
Enterprise customers utilizing Splunk can now install the Security Onion App for Splunk.
Warning
The Security Onion App for Splunk is not officially supported at this time.
Requirements
Note
The Security Onion App for Splunk utilizes the Security Onion API, which is an enterprise-level feature of Security Onion. Contact Security Onion Solutions, LLC via our website at https://securityonion.com/pro for more information about purchasing a Security Onion Pro license to enable this feature.
Configuration
See https://splunkbase.splunk.com/app/7887 to get started.
Note
A Security Onion API Client must be created in the API Clients screen. The API Client should be granted sufficient permissions to perform the tasks that the Splunk app will need to execute.