How to integrate Kaspersky Threat Data Feeds with Splunk

 

Latest update: September 20, 2022 ID: 13853
 
 
 
 

Kaspersky CyberTrace allows you to check URLs, file hashes, and IP addresses contained in events that arrive in Splunk. These indicators are checked against threat data feeds from Kaspersky Lab, or from other vendors or sources loaded into CyberTrace. During the matching process, Kaspersky CyberTrace determines the indicator category and generates an event supplemented with actionable context.

To install the SIEM connector for Splunk:

  1. Download Kaspersky CyberTrace. Find the download files for Kaspersky CyberTrace in this article.
  2. Follow the instructions in the product documentation to install the package.

Please note that the SIEM connector for Splunk has been tested with Splunk 8.0 and later.

 
 
 
 