CobaltSplunk

Splunk dashboard for Cobalt Strike logs

MIT License

CobaltSplunk Splunk Application

Author

Vincent Yiu (@vysecurity)

Blog Post

https://vincentyiu.co.uk/cobaltsplunk/

What is CobaltSplunk?

CobaltSplunk is a Splunk application that 1) ingests Cobalt Strike related logs and parses them properly, 2) displays useful operational dashboards, and 3) displays relevant reports.

Usage

  1. Download Cobalt.spl
  2. Install as application
  3. Ingest logs
  4. View the dashboard and reports as you see fit