Skip to content

doksu/TA_netfilter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
default
default
 
 
lookups
lookups
 
 
metadata
metadata
 
 
samples
samples
 
 
static
static
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

TA_netfilter

netfilter (iptables) technology add-on (TA) for Splunk

This app provides field extractions and normalisation to the Common Information Model.

Install this app on heavy forwarders, indexers and search heads.

N.B. This app will automatically change the sourcetype of iptables events with the sourcetype of "syslog" into the "linux:netfilter" sourcetype.

Further documentation is provided in the wiki here: https://github.com/doksu/TA_netfilter/wiki

About

Netfilter (iptables) technology add-on for Splunk

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages