Kaspersky CyberTrace for Splunk (SIEM connector) allows you to check URLs, file hashes, and IP addresses contained in events that arrive in Splunk. The URLs, file hashes, and IP addresses are checked against threat data feeds from Kaspersky Lab, or from other vendors or sources loaded into CyberTrace. During the matching process, Kaspersky CyberTrace determines the indicator category and generates an event supplemented with actionable context.
To install the SIEM connector for Splunk:
Download Kaspersky CyberTrace for Splunk:
Please note that the SIEM connector for Splunk has been tested with Splunk 8.0 and later.