Skip to content

vulnersCom/splunk-vulners

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
docs
docs
 
 
result
result
 
 
vulners-lookup
vulners-lookup
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 

Repository files navigation

Vulners App for Splunk

Vulners Application for Splunk allows one to use Splunk as a Vulnerability assessment platform and security scanner.

Notes

  • The app was tested in a simple installation as well as in a clustered (search head cluster) installation
  • As a result it is a whole package that includes parts for three Splunk components: forwarders, indexers (indexer cluster) and search heads (search head clusters).

Installation

Installation process is described in details within the app directory

Usage

1. Search for packages collected using python scripted input from the app

By default scripted input is sending information about packages hourly. You must enable it before it starts to collect the data. To see collected packages run search

index=vulners

2. Ad-hoc Vulners audit request

Vulners application is running audit script automatically at 9 o'clock in the morning. You must enable it before it starts to work. Alternatively you can hit saved search

| savedsearch vulners_report

Using slim

  • Install slim as in the instruction (take note of this bug though)
  • Create a package
slim package -o result/ ./vulners-lookup/

About

Splunk Vulnerability Assessment Plugin

vulners.com

Topics

splunk vulnerability vulnerability-assessment scaner vulners splunk-dashboard

Resources

Readme

License

GPL-3.0 license
Activity

Stars

9 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages