# Cyences Add-on for Splunk
### Download from Splunkbase
https://splunkbase.splunk.com/app/5659/
OVERVIEW
--------
The Cyences Add-on for Splunk is a Splunk Add-on/App that provides the custom inputs used by the Cyences App for Splunk (https://splunkbase.splunk.com/app/5351/). It contains the required inputs and data parsing. It does not contain alerts, reports, or dashboards.
* Author - CrossRealms International Inc.
* Build - 1
* Creates Index - False
* Compatible with:
  * Splunk Enterprise version: 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
  * OS: Platform Independent
TOPOLOGY AND SETTING UP SPLUNK ENVIRONMENT
------------------------------------------
* Install this Add-on on every Linux/Unix server from which you want to collect local account and privileges data.
* The Add-on can be installed on both a full Splunk server and a Splunk universal forwarder.
* Splunk should be running as the root user.
INSTALLATION, DEPENDENCIES, DATA COLLECTION & CONFIGURATION
------------------------------------------------------------
Visit https://crossrealms.github.io/Splunk-Cyences-App-for-Splunk/ for the complete configuration guide.
UNINSTALL APP
-------------
To uninstall the app, follow these steps:
* SSH to the Splunk instance.
* Go to the apps folder (`$SPLUNK_HOME/etc/apps`).
* Remove the `TA-cyences` folder from the apps directory.
* Restart Splunk.
RELEASE NOTES
-------------
Version 1.1.1 (March 2023)
* Fixed shell script permission issue.
Version 1.1.0 (March 2023)
* Added users.sh and groups.sh scripted inputs.
Version 1.0.2 (October 2021)
* Updated shell script to cover other files under sudoers.d directory to check for sudo access.
Version 1.0.1 (August 2021)
* Fixed the shell script permission issue.
Version 1.0.0 (July 2021)
* Created the Add-on for the Cyences App with sudo-users Linux inputs.
OPEN SOURCE COMPONENTS AND LICENSES
------------------------------
* NA
CONTRIBUTORS
------------
* Vatsal Jagani
* Bhavik Bhalodia
SUPPORT
-------
* Contact - CrossRealms International Inc.
  * US: +1-312-278-4445
* License Agreement - https://d38o4gzaohghws.cloudfront.net/static/misc/eula.html
* Copyright - Copyright CrossRealms Internationals, 2023