Skip to content
This repository was archived by the owner on Aug 8, 2020. It is now read-only.
/ Splunk_TA_paloalto Public archive

The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.

splunkbase.splunk.com/app/2757

License

View license
21 stars 12 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

PaloAltoNetworks/Splunk_TA_paloalto

3 Branches18 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

btorresgilbtorresgil
Update README.md
Aug 7, 2020
23b114c · Aug 7, 2020

History

266 Commits
README
README
Feb 13, 2019
appserver
appserver
Jan 17, 2019
bin
bin
Jan 12, 2019
default
default
Feb 25, 2020
locale
locale
Sep 6, 2017
lookups
lookups
Dec 10, 2019
metadata
metadata
Oct 2, 2018
release
release
Feb 25, 2020
static
static
Feb 12, 2020
.gitignore
.gitignore
Feb 24, 2020
.travis.yml
.travis.yml
Oct 18, 2018
CHANGES
CHANGES
Nov 7, 2017
LICENSE
LICENSE
Oct 3, 2016
Makefile
Makefile
Oct 18, 2018
README.md
README.md
Aug 7, 2020
Splunk_TA_paloalto.aob_meta
Splunk_TA_paloalto.aob_meta
Nov 7, 2017
app.manifest
app.manifest
Feb 25, 2020

Repository files navigation

This repo has moved

** Please read **

This Splunk Add-on repository was moved to a shared repository with the Splunk App. This makes it easier to develop and build the community around these apps by having them all in the same place. You can find the Palo Alto Networks App and Add-on at https://github.com/PaloAltoNetworks/Splunk-Apps

Issues and pull requests have also been transfered to the new repository and this repository has been archived.

Palo Alto Networks Add-on for Splunk

Description

The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection. The add-on collects traffic, threat, system, configuration, and endpoint logs from Palo Alto Networks physical or virtual firewall devices over syslog. After Splunk indexes the events, you can consume the data using the pre-built dashboard panels included with the add-on, with Splunk Enterprise Security, or with the Palo Alto Networks App for Splunk. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk Enterprise apps, such as the Splunk App for Enterprise Security and the Splunk App for PCI Compliance, and integrates with Splunk Adaptive Response.

Documentation for this add-on is located at: http://splunk.paloaltonetworks.com/

Documentation

Installation and Getting Started: http://splunk.paloaltonetworks.com/getting_started.html
Release Notes: http://splunk.paloaltonetworks.com/release-notes.html
Support: http://splunk.paloaltonetworks.com/support.html

Install from Git

This app is available on Splunkbase and Github. Optionally, you can clone the github repository to install the app.

From the directory $SPLUNK_HOME/etc/apps/, type the following command:

git clone https://github.com/PaloAltoNetworks/Splunk_TA_paloalto.git Splunk_TA_paloalto

Libraries Included

Pan-Python: [Github] (https://github.com/kevinsteves/pan-python)
PanDevice: [Github] (https://github.com/PaloAltoNetworks/pandevice)

Copyright (C) 2014-2020 Palo Alto Networks Inc. All Rights Reserved.

About

The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.

splunkbase.splunk.com/app/2757

Topics

splunk firewall splunk-enterprise endpoint-protection palo-alto-networks splunk-cloud-administrator

Resources

Readme

License

View license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

21 stars

Watchers

24 watching

Forks

12 forks
Report repository

Releases 6

3.7.1 Latest
Nov 16, 2016
+ 5 releases

Packages

No packages published

Contributors 7

Languages