Source types for the Splunk Add-on for Box¶
The Splunk Add-on for Box provides the index-time and search-time knowledge for Box events, metadata, user and group information, collaboration data, and tasks in the following formats.
| Source type | Description | CIM data models |
|---|---|---|
box:events |
Box enterprise audit events | Authentication Change Alerts DataAccess Malware |
box:file |
Box file metadata | Inventory |
box:fileComment |
Box file comments information | Inventory |
box:fileTask |
Task information about box files | Inventory |
box:folder |
Box file and folder metadata | Inventory |
box:folderCollaboration |
Box collaboration information on folders | Inventory |
box:groups |
Box group information | Inventory |
box:users |
Box user information | Inventory |
box:filecontent |
Sourcetype for content of txt, text, log files on Box | none |
box:filecontent:json |
Box JSON file content | none |
box:filecontent:xml |
Box XML file content | none |
box:filecontent:csv |
Box CSV file content | none |
box:addon:log |
Splunk Add-on for Box internal log | none |
box:addon:setup:log |
Splunk Add-on for Box internal installation log | none |