Home¶
The Iptables Add-on allows Splunk data administrators to map netfilter events to the CIM enabling the data to be used with other Splunk Apps.
This Splunk Add-on is community driven. Any issues or feature requests may be submitted directly through Github.
Assumptions¶
This documentation assumes the following:
- You have a linux server with the appropriate firewall tools installed.
- You have a working Splunk environment.
- Basic understanding of Splunk, linux, and Firewalld/UFW/Iptables.
About¶
| Info | Description |
|---|---|
| Version | 1.3.8 - Splunkbase | GitHub |
| Vendor Products | REHL/CentOS - Firewalld, Ubuntu - UFW, built-in IPtables |
| Add-on has a web UI | No, this add-on does not include views. |
Last update: January 23, 2023