You are here
How to Deploy Airlock App for Splunk
Submitted on 4. December 2017 - 9:28 by sd.
Last update on 16. August 2022 - 15:06.
Last update on 16. August 2022 - 15:06.
Affects product:
Airlock WAF
Affects version(s):
7.x
The Airlock App for Splunk is split into two parts:
- The free Splunk Add-Ons which allow a fast and easy integration by parsing the logs correctly and provide the Airlock WAF field names as well as the corresponding Splunk CIM alias.
- The commercial Splunk App itself depends on those Splunk Add-Ons and contains dashboards for different use cases to simplify analytic tasks. For a brief overview about the app please consider our factsheet.
While the Splunk Add-Ons are free, the Splunk App with its dashboards must be purchased from Ergon Informatik AG. Please send an email to order@airlock.com to get an offer and license. The integration of Airlock WAF into Splunk is described in the document below.
Note: The procedure for calculating the log volume described in section 5.1.1 is not applicable for Airlock Gateway 8.x. However, the number of log messages can be easily calculated using Kibana.
| Attachment | Size |
|---|---|
 Deploy_Airlock_App_for_Splunk | 620.63 KB |
Knowledge Base Categories: