Turbocharge Your Security Analytics Exports to Splunk
Broadcom Employee
Ron Lee
Posted May 25, 2022 05:07 PM
If you've ever wanted to export your SA alert or session metadata directly to Splunk, we have a solution for you.
Our security-analytics-export-tools GitHub repository provides the code and instructions for you to export your data to Splunk Enterprise using some Python code and the open-source RabbitMQ message broker. You can implement this solution as-is or customize it for your environment or even another SIEM. This solution is capable of forwarding metadata for over 100,000 SA sessions per second. See the GitHub repo's README.md for more information.