Splunk Technical Add-ons and Apps maintained by Enosys

Our Philosophy

Life is not perfect, and neither is code. It is one thing to ingest data; it is another to apply common sense and well-defined labels and fields to it.

The heart of any good SIEM is its ability to pick out and normalise as much as it can from every message received. At Enosys we decided to "go deep" into particular technologies and log sources and pluck out, correct, adjust and manipulate the data well beyond what the "out of the box" parsers do.

We like to think of it as the equivalent of that perfect avocado seed removal where none of the avocado sticks to the seed.

Splunk Technical Add-ons and Apps maintained by Enosys

Below is a list of all current technical add-ons (TAs) and apps for Splunk that Enosys has developed and maintains. If you are interested in using them, please contact us using the contact form on this page.

Enosys Enhancement for Splunk Add-on for Microsoft Office 365

Enosys Security Operations has updated more than 200 field mappings in the existing Splunk Add-on for Microsoft Office 365 TA to make it as CIM (Common Information Model) compliant as possible.

Enosys maintains its own "post process" that is applied after the publicly available TA has been successfully deployed.

This should not detract from the excellent foundation work done by the Splunk Inc. team to provide this TA.

All enhancements are built on the current version (1.1.0) of the TA.
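As an added illustration of what a CIM "post process" layer looks like in practice, the props.conf fragment below lives in a separate app deployed alongside the upstream TA and remaps raw Office 365 Management Activity fields onto CIM Authentication data model names. This is example configuration written for this page, not Enosys's or Splunk's shipped configuration; the stanza class names, the choice of fields and the ResultStatus value mapping are assumptions, and the sourcetype o365:management:activity is assumed here to be the one the upstream TA assigns.

```ini
# Example post-process props.conf (illustration only, not the Enosys or Splunk TA code).
# Placed in its own app so the upstream Splunk Add-on for Microsoft Office 365
# stays untouched and can be upgraded independently.

[o365:management:activity]
# Alias raw Management Activity API field names onto CIM Authentication field names.
# FIELDALIAS keeps the original field and adds the CIM one at search time.
FIELDALIAS-example_cim_user      = UserId AS user
FIELDALIAS-example_cim_src       = ClientIP AS src
FIELDALIAS-example_cim_app       = Workload AS app
FIELDALIAS-example_cim_signature = Operation AS signature

# The raw event carries ResultStatus values such as "Succeeded" / "Failed";
# CIM expects action to be "success" / "failure". Calculated fields run after
# aliases, so CIM-aware searches and the Authentication data model see the
# normalised value rather than the vendor spelling. Values assumed for illustration.
EVAL-action = case(ResultStatus=="Succeeded", "success", ResultStatus=="Failed", "failure", true(), "unknown")

# Tag the events so data model constraints (tag=authentication) pick them up.
# The eventtype itself would be defined in eventtypes.conf and tagged in tags.conf.
```

To check that the layer is actually applied, run a search such as `sourcetype=o365:management:activity | table UserId user ClientIP src Operation signature ResultStatus action` and confirm the CIM columns are populated; if they are empty, the app's props.conf is not taking precedence over the TA's, or the stanza name does not match the sourcetype the TA assigns.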

Enosys Add-on for ContentKeeper

The ContentKeeper Add-on for Splunk allows a Splunk® administrator to extract and filter event information from ContentKeeper proxy logs.

See our ContentKeeper Add-on page for details.

Enosys Add-on for Citrix Netscaler

The Citrix Netscaler Add-on for Splunk allows a Splunk® administrator to extract and filter event information from Citrix Netscaler syslog messages.

Version 1.1 of this add-on works only when Citrix Netscaler syslog is forwarded to the Splunk SIEM via a Splunk heavy forwarder, Splunk Enterprise or Splunk Cloud.

See our Citrix Netscaler page for details.

Enosys Add-on for Check Point OPSEC LEA

Full credit to the Splunk team for their work and maintenance.

The announcement and download are on the page for our Enosys Add-on for Check Point OPSEC LEA.

This fork exists because the existing project is not publicly accessible and a number of fixes were required. We have decided to publish these fixes and enhancements in the hope that they will be merged into the original project and, if possible, that the original project will be made public. The fork is available from the Enosys Add-on for Check Point OPSEC LEA page.

The fork is primarily intended to fix field extraction issues and to support deployment on search heads in Splunk Cloud. There is no guarantee that the LEA connector itself (used locally) will function as well as the Splunk-produced version.

