Compliance Essentials for Splunk - Data Source Guidance

Anti-Virus or Anti-Malware

Technologies

Technology | Splunkbase Link
Symantec EP | Splunk Add-on for Symantec Endpoint Protection
Trend Micro AV | Splunk Add-on for Unix and Linux
McAfee AV Plus | Splunk for Cisco Identity Services (ISE)

Authentication

Technologies

Technology | Splunkbase Link
Windows Security Logs | Splunk Add-on for Microsoft Windows
Linux Auth Logs | Splunk Add-on for Unix and Linux
Cisco ISE | Splunk for Cisco Identity Services (ISE)
Cisco ASA | Splunk Add-on for Cisco ASA
Okta | Okta Identity Cloud Add-on for Splunk
Duo | Duo Splunk Connector

Cloud Environments

Technologies

Technology | Splunkbase Link
AWS CloudTrail | Splunk Add-on for Amazon Web Services (AWS)
Azure | Splunk Add-on for Microsoft Cloud Services
GCP | Splunk Add-on for Google Cloud Platform

DLP

Technologies

Technology | Splunkbase Link
Symantec DLP | Splunk Add-on for Amazon Web Services (AWS)
Digital Guardian | Splunk Add-on for Microsoft Cloud Services
Forcepoint | Splunk Add-on for Google Cloud Platform
Intel Security | Splunk Add-on for Google Cloud Platform

DNS

Technologies

Technology | Splunkbase Link
Zscaler | Zscaler Technical Add-On for Splunk
Splunk Stream DNS | Splunk App for Stream
Windows DNS | Add-On for Windows DNS Analytical Logging
Microsoft Sysmon | Splunk Add-on for Sysmon
Cisco Umbrella | Cisco Umbrella Investigate Add-on
Infoblox | Splunk Add-on for Infoblox

Email

Technologies

Technology | Splunkbase Link
Microsoft Office 365 | Splunk Add-on for Microsoft Office 365

Endpoint Detection and Response

Technologies

Technology | Splunkbase Link
Windows Process Launch Logs | Splunk Add-on for Microsoft Windows
Microsoft Sysmon | Splunk Add-on for Sysmon
Tanium | TA-Tanium
PAN Traps | Palo Alto Networks Add-on for Splunk
Carbon Black | Splunk Add-on for Carbon Black
Symantec EP | Splunk Add-on for Symantec Endpoint Protection
CrowdStrike | CrowdStrike Falcon Event Streams Technical Add-On
Cylance | CylancePROTECT App for Splunk

Network Communication

Technologies

Technology | Splunkbase Link
Zscaler | Zscaler Technical Add-On for Splunk
Palo Alto Networks | Palo Alto Networks Add-on for Splunk
Cisco ASA | Splunk Add-on for Cisco ASA
AWS VPC Flow | Splunk Add-on for Amazon Web Services (AWS)
Cisco IOS | Cisco Networks Add-on for Splunk Enterprise
Juniper Devices | Splunk Add-on for Infoblox
Check Point | Cisco Umbrella Investigate Add-on
Netflow | Technology Add-on for NetFlow
Splunk Stream | Splunk App for Stream

IDS or IPS

Technologies

Technology | Splunkbase Link
Palo Alto Networks | Palo Alto Networks Add-on for Splunk
Check Point | Cisco Umbrella Investigate Add-on

Application Data

Technologies

Technology | Splunkbase Link
Windows Application Log | Splunk Add-on for Microsoft Windows

IP Address Assignment

Technologies

Technology | Splunkbase Link
ISC DHCP | Splunk Add-on for ISC DHCP

Vendor-Specific Data

Technologies

Technology | Splunkbase Link
AWS CloudTrail | Splunk Add-on for Amazon Web Services (AWS)
AWS CloudWatch Kubernetes Audit | Splunk Add-on for Amazon Web Services (AWS)
Azure Audit | Splunk Add-on for Microsoft Cloud Services
Azure AD Audit | Splunk Add on for Microsoft Azure
GCP | Splunk Add-on for Google Cloud Platform
Okta | Okta Identity Cloud Add-on for Splunk
Splunk Stream | Splunk App for Stream
Windows Security Logs | Splunk Add-on for Microsoft Windows

Vulnerability Detection

Technologies

Technology | Splunkbase Link
Nessus | Tenable Add-On for Splunk
Tenable | Tenable Add-On for Splunk
Qualys | Qualys Technology Add-on (TA) for Splunk

Web Server

Technologies

Technology | Splunkbase Link
Apache | Splunk Add-on for Apache Web Server
IIS | Splunk Add-on for Microsoft IIS

Web Proxy

Technologies

Technology | Splunkbase Link
Zscaler | Zscaler Technical Add-On for Splunk
BlueCoat | Splunk Add-on for Symantec Blue Coat ProxySG
WebSense | Splunk Add-on for Websense DLP
Palo Alto Networks | Palo Alto Networks Add-on for Splunk
Check Point | Check Point App for Splunk