The SpyCloud App for Splunk provides visualizations and alerts based on data provided by TA-SpyCloud.
By default the panel searches run over the last 30 days, but you can override this.
The following pre-built panels are available to use on your own dashboards:
- active_employees_in_breach_data
- breach_catalog
- breach_exposure_timeline
- domain_watchlist_assets
- email_watchlist_assets
- your_breached_asset_types
If you use the LDAP functionality of this app, the Splunk Supporting Add-on for Active Directory is required.
Otherwise this app has no additional dependencies. This app does use the open source "requests" library,
but it ships with Splunk, so the end user does not need to configure anything.
v. 1.5.0
- Initial release, split off of previously all-in-one app "SpyCloud"
(https://github.com/requirejs/text) - MIT License
Copyright jQuery Foundation and other contributors, https://jquery.org/
This software consists of voluntary contributions made by many
individuals. For exact contribution history, see the revision history
available at https://github.com/requirejs/text
The following license applies to all parts of this software except as
documented below:
====
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Version 1.6 - December 17, 2024
v1.6
- Added UI element for "Sightings" which shows users how many times SpyCloud has seen a credential pair.
- Removed the legacy setup page and workflow, which are not compatible with the latest versions of Splunk.
Version 1.5.0 - April 27, 2022
v 1.5.0
- Split previous standalone application into an Add-On and Application to provide for more flexible deployment models
- Updated Watchlist View to include all Watchlist Items
- Added Visualizations for Infected Users