IntSights App for Splunk

The IntSights Splunk App is an integration between Rapid7 Threat Command (Threat Command) and the following Splunk products:

Splunk standalone environment
Splunk Cloud
Splunk Distributed Deployment
Splunk Enterprise Security (ES)

The integration enables Splunk users to import IOCs, alerts, and vulnerabilities (CVEs) from Threat Command and to correlate them in the Splunk environment. Imported values are automatically updated in Splunk enabling a single pane of glass view.

This section describes how to install, configure, and use the IntSights Splunk App.

This section assumes familiarity with both the Splunk Enterprise Security platform and IntSights ETP Suite.

Did this page help you?

Integrate Devices

InsightIDR Integration

Integrate Devices

Splunk App Install, Configure, and Upgrade