Releases: lacework-dev/lacework_splunk_addon

V1.0.0 Release

30 Mar 22:33

Version 1.0.0 Release Notes

A Splunk Technology Add-On (TA) to provide CIM compliance on Lacework alert and audit data. This add-on is designed to work in conjunction with the Splunk integration available via the Lacework UI.

v0.0.1

14 Sep 00:48
b3337c2

Release Notes

Version 0.0.1 release of the Lacework Splunk Add-on.

Features

  • CIM compliance mapping for Lacework events ingested by Splunk.
  • Data models mapped to include: Vulnerability, Malware, Network Traffic, Authentication, Endpoint (process specific), Endpoint (file system specific).

Notes

  • This add-on works in conjunction with the existing Lacework UI integration with Splunk. It DOES NOT replace it.
  • In the UI Integration, the ‘Source’ field must be set to ‘lacework’ for the TA to properly parse and map fields to CIM.