Crowdstrike Integrations with Splunk Enterprise and ES

Last updated 7 months ago

Connections Required (Firewall Rules)

Allow access from the Splunk Search Head server to the following APIs:

  • https://api.us-2.crowdstrike.com

  • https://firehose.us-2.crowdstrike.com

Documentation

  • CrowdStrike Falcon Event Streams Add-On
  • CrowdStrike Intel Indicators Add-on
  • CrowdStrike Falcon Devices Add-on
  • CrowdStrike Falcon Spotlight Vulnerability Data Add-on
  • CrowdStrike Scheduled Search Add-on
  • CrowdStrike Falcon FileVantage Add-on
  • CrowdStrike Unified Alerts Add-on
  • CrowdStrike Falcon Identity Protection Add-on
  • SA-CrowdStrikeIdentities for Enterprise Security