RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high-fidelity, low-volume alerts.
☆63Mar 11, 2026Updated last week
Alternatives and similar repositories for rba
Users that are interested in rba are comparing it to the libraries listed below
Sorting:
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆96Jun 28, 2025Updated 8 months ago
- Downloading Splunk, made easy through scripts☆25Mar 4, 2026Updated 2 weeks ago
- Splunk spec files version history☆43Mar 5, 2026Updated 2 weeks ago
- Kintyre's Splunk Configuration tool☆53Mar 11, 2025Updated last year
- Splunk App for Splunk4Champions Workshop☆23Feb 25, 2026Updated 3 weeks ago
- scripts using splunk application lookup-editor endpoint. Download, upload and update splunk lookups content☆31Jul 1, 2024Updated last year
- Splunk Content Control Tool☆130Mar 5, 2026Updated 2 weeks ago
- Grand Central logging for Cloud Services to Splunk☆36Jan 22, 2022Updated 4 years ago
- Data validator agains Splunk Common Information Model (CIM)☆78Mar 27, 2024Updated last year
- Splunk connect for SNMP☆40Mar 13, 2026Updated last week
- Monitor syslog collection infrastructure & offer syslog configuration templates.☆27Feb 9, 2018Updated 8 years ago
- Bulk modify Splunk Knowledge Object's owners, permissions, apps, sharing and move them to another app☆26Aug 27, 2022Updated 3 years ago
- Splunk Connect for Syslog☆173Mar 12, 2026Updated last week
- Azure Functions for getting data in to Splunk☆33Oct 22, 2025Updated 4 months ago
- Config viewer and file editor for Splunk. Based on VSCode.☆34Mar 7, 2026Updated last week
- ☆15Jan 9, 2026Updated 2 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆68Apr 29, 2024Updated last year
- Sysmon Splunk App☆47Aug 21, 2018Updated 7 years ago
- Admin Config Service CLI☆17Mar 10, 2026Updated last week
- Splunk app to monitor the /etc directory of Splunk for all changes of .conf files☆13Jan 26, 2018Updated 8 years ago
- Splunk Admins application to assist with troubleshooting Splunk enterprise installations☆101Feb 18, 2026Updated last month
- Maps+ for Splunk☆20Updated this week
- ☆77Jul 15, 2021Updated 4 years ago
- Splunk Security Content☆1,584Updated this week
- A repository of curated datasets from various attacks☆746Updated this week
- Splunk Operator for Kubernetes☆254Updated this week
- Workshop showing you how to setup Amazon Web Services to send data to Splunk☆74Sep 9, 2020Updated 5 years ago
- Postfix Add-on for Splunk (Compliant with the Mail CIM model)☆11Mar 18, 2021Updated 5 years ago
- Splunk csv to KVStore ES Threat Intel☆11Jul 11, 2016Updated 9 years ago
- Splunk scripted input for opening a backconnect shell on a remote forwarder☆45Nov 18, 2020Updated 5 years ago
- Phantom Apps Repo☆82Nov 9, 2021Updated 4 years ago
- ☆13Mar 3, 2026Updated 2 weeks ago
- Ansible framework providing a fast and simple way to spin up complex Splunk environments.☆133Mar 13, 2026Updated last week
- Shell script to download apps from Splunkbase☆24May 19, 2020Updated 5 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆44Oct 28, 2021Updated 4 years ago
- Searches and dashboards to assist with optimising concurrency settings☆30Mar 4, 2022Updated 4 years ago
- How to run cluster of Splunk Enterprise in Docker. Examples.☆34Oct 27, 2016Updated 9 years ago
- Splunk App for Data Science and Deep Learning - container images repository☆63Updated this week
- Allows to pull asset and identity data into Splunk app for Enterprise Security from LDAP and other sources☆28Feb 23, 2018Updated 8 years ago