Splunk
To set up the link between Splunk and GravityZone, follow the steps below.
1. Verify Prerequisites
The following software needs to be installed:
Splunk Common Information Model app, only 4.x versions.
2. Install the Bitdefender Gravityzone for Splunk App
The Bitdefender Gravityzone for Splunk App provides a Dashboard where you can view all the information received from GravityZone, organized into multiple sections and widgets. Using the app you can also search for information or generate reports.
To install the app, follow these steps:
1. Download the Bitdefender Gravityzone for Splunk App installation package from here.
2. Log in to Splunk Enterprise.
3. From the home page, click the Manage Apps button on the upper left side of the screen.
4. Click the Install app from file button on the right side of the screen.
5. Click Browse....
6. Select the package downloaded in step 1.
7. Click Upload.
3. Install the Bitdefender Gravityzone Add-on for Splunk
The Bitdefender Gravityzone Add-on for Splunk supports the Bitdefender Gravityzone App for Splunk by providing source mapping, data extractions and transformations. It acts like a parser, converting all data gathered from various Bitdefender sources into a CIM format, which is compatible with Splunk.
To install the add-on, follow these steps:
1. Download the Bitdefender Gravityzone Add-on for Splunk installation package from here.
2. Log in to Splunk Enterprise.
3. From the home page, click the Manage Apps button on the upper left side of the screen.
4. Click the Install app from file button on the right side of the screen.
5. Click Browse....
6. Select the package downloaded in step 1.
7. Click Upload.