The CrowdStrike Falcon Identity Protection Add-on for Splunk Add-on allows ingestion of the CrowdStrike identity data into Splunk enabling the data to be used with other Splunk Apps, such as Enterprise Security.
Full documentation can be found at https://splunk-ta-crowdstrike.ztsplunker.com/.
This Splunk Add-on is not affiliated with CrowdStrike, Inc. and is not sponsored or sanctioned by the CrowdStrike team. As such, the included documentation does not contain information on how to get started with CrowdStrike. Rather, this documentation serves as a guide to use CrowdStrike data with Splunk and Splunk Enterprise Security. Please visit https://www.crowdstrike.com for more information about CrowdStrike.
| Info | Description |
|---|---|
| Version | 1.0.3 - See on Splunkbase | GitHub |
| Vendor Product | CrowdStrike Falcon Identity Protection |
| Other | This add-on uses FalconPy to interact with the vendor's API. |
| Add-on has a web UI | Yes, this add-on has a view to setup a modular input. |
Please open an issue on GitHub.