Splunk Dashboards that check CIM compliancy before installing Enterprise Security

dd-Splunk/es_precheck

ES Precheck

A single Splunk dashboard that checks the various Datamodels expected by Enterprise Security.

There are two macros defined in es_precheck/default/macros.conf that can be tailored to alter the check behaviour:

  • es-indexes: Lists all indexes to be searched for relevant data. By default all indexes are searched.

  • es-dm: Lists the relevant ES Datamodels to be included in the checks.

This app is based on the work of Cynthia Li and Igor Gifrin, authors of the InfoSec App for Splunk.
