Splunk-Sunburst

Sunburst IOCs for Splunk Ingest

Instructions on how to add IOCs into Splunk Enterprise Security- https://www.splunk.com/en_us/blog/security/how-do-i-add-covid-threat-intelligence-from-the-internet-to-enterprise-security.html

https://www.splunk.com/en_us/blog/security/smoothing-the-bumps-of-onboarding-threat-indicators-into-splunk-enterprise-security.html

IPv6 IOCs are there for reference, will not load into Enterprise Security Threat Intel. But they can be used in a lookup table for use in Splunk searches.

Name		Name	Last commit message	Last commit date
Latest commit History 57 Commits
README.md		README.md
sunburst-domains.csv		sunburst-domains.csv
sunburst-ipv4.csv		sunburst-ipv4.csv
sunburst-ipv6.csv		sunburst-ipv6.csv
sunburst-md5-hashes.csv		sunburst-md5-hashes.csv
sunburst-sha1-hashes.csv		sunburst-sha1-hashes.csv
sunburst-sha256-hashes.csv		sunburst-sha256-hashes.csv

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Splunk-Sunburst

About

Releases

Packages

davisshannon/Splunk-Sunburst

Folders and files

Latest commit

History

Repository files navigation

Splunk-Sunburst

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages