Thanks For Downloading!

Review the documentation below and follow any custom installation steps. If no install steps are listed, most Splunk Apps and Add-ons can be installed as follows:

Windows: Decompress the downloaded file using a tool like 7-Zip and place the resulting folder into %PROGRAMFILES%\Splunk\etc\apps. Then restart Splunk using the splunk restart command or the GUI.

Unix/Linux: Decompress the downloaded file using a tool like tar -xvf and place the resulting folder into $SPLUNK_HOME/etc/apps. Then restart Splunk using the splunk restart command or the GUI.

Description

Connects events found in Splunk to the full packet capture and reconstruction of the event in Solera DS Appliances.

A free 30-day trial of the Solera Virtual Appliance can be downloaded at www.soleranetworks.com

Investigate any network security event with depth and clarity with the Solera DeepSee App for Splunk. Solera DS Appliances and Virtual Appliances capture, classify, and index 100% of network traffic acquired via SPAN port or network tap. Network sessions can be instantly searched, replayed, or reconstructed to provide the ultimate level of visibility on the network -- a full fidelity record of every packet. The storage required is determined by the amount of history desired and the network bandwidth.

This app adds a powerful Investigate button to each event found in Splunk. With a single click users can pivot from events in Splunk to the full packet capture and application reconstruction in the Solera DeepSee interface or even download a PCAP file of the full session within seconds. Solera DeepSee provides the data to act with confidence and secure your network against Next Generation Threats.

Solera DS Appliances achieve the following use cases:

  • Comprehensive situational awareness of the network, applications, content, and users
  • High fidelity surveillance of individuals or systems
  • NIST-recommended Continuous Monitoring to support risk management decisions
  • Real-time active response to incidents limiting damage and mitigating ongoing risk
  • Root cause analysis of malware and data breach to find and close initial vulnerability
  • Discovery of breach source and scope for regulatory compliance and remediation
  • Discovery and elimination of persistent threats on the network, preventing further loss
  • Deterrence of insider threats with continuous network surveillance
  • A platform to perform true Next Generation Threat Prevention

Compatible with any Solera DS Appliance running Solera OS 4.1 or later including the Solera Virtual Appliance (available for a free 30-day trial at www.soleranetworks.com).

Versions and Release Notes

Version 1.1.1 (current version - updated Mar 21, 2011)
release notes:
Updated package to include screenshot for Splunkbase. No functional changes.
Version 1.1.0 (updated Mar 17, 2011)
release notes:
Supports Splunk 4.2
Version 1.0.1 (updated Jan 18, 2011)
release notes:
Updated documentation.
Version 1.0 (updated Jan 12, 2011)

posted 12 Jan '11, 22:51

pschlampp

new version 21 Mar '11, 14:36


Details

This app is not covered by any support agreements in place with Splunk. If you have questions about the installation or operation of this app, please contact the author.

Version 1.1.1
Last Updated: Mar 21, 2011
Author: pschlampp
Version: 1.1.1
Splunk compatibility: 4.3, 4.2
Price: Free
License: Creative Commons BY 3.0
Downloads: 210

Copyright © 2005-2012 Splunk, Inc. All rights reserved.