Ctrlk

README
Docs
Integrations
SPL Queries
Splunk Deployment
Splunk ES

Powered by GitBook

On this page

Integrations

Crowdstrike Integrations with Splunk Enterprise and ES

Connections Required (Firewall Rules)

Allow access from Splunk Search Head server to the following APIs

https://api.us-2.crowdstrike.com
https://firehose.us-2.crowdstrike.com

Documentation

CrowdStrike Falcon Event Strems Add-On
CrowdStrike Intel Indicators Add-on
CrowdStrike Falcon Devices Add-on
CrowdStrike Falcon Spotlight Vulnerability Data Add-on
CrowdStrike Scheduled Search Add-on
CrowdStrike Falcon FileVantage Add-on
CrowdStrike Unified Alerts Add-on
CrowdStrike Falcon Identity Protection Add-on
SA-CrowdStrikeIdentities for Enterprise Security

PreviousCloudflare NextJAVA for DB Connect app

Last updated 1 year ago

Connections Required (Firewall Rules)
Documentation