Kaspersky CyberTrace App for Splunk is a Splunk app. It does the following:
Additionally, Kaspersky CyberTrace App for Splunk comes with alert templates that demonstrate the basic trigger conditions that can be used with Kaspersky CyberTrace.
About Kaspersky CyberTrace App dashboards
Kaspersky CyberTrace App uses the following dashboards:
This dashboard provides information about URLs, IP addresses, and hashes from events that matched Kaspersky Threat Data Feeds, together with statistical information and a log of matches.
This dashboard provides match statistics for Feed Service and a log of alerts received from it. The dashboard can also be used to run the Self-test of Kaspersky CyberTrace App for Splunk.
This tab allows you to configure and perform a lookup by indicator.
This is a standard Alerts dashboard. Kaspersky CyberTrace App for Splunk comes with several alert templates that you can use and customize from this dashboard.
Provides a link to the online documentation for Kaspersky CyberTrace.