The Nozomi Networks Universal Add-on for Splunk connects to your instances of the Nozomi Networks Guardian™, Central Management Console, or Vantage.
Nozomi Networks products unlock visibility across converted OT and IoT networks for accelerated security and digital transformation.
Nozomi Networks products combine asset discovery and network visualization, vulnerability assessment and risk monitoring, and real-time anomaly and threat detection to accelerate and simplify response to operational anomalies and attacks.
This Add-on enables you to integrate Nozomi Networks data into your Splunk instance to add context and enrich data correlation. You can map a range of inputs from Nozomi Networks into your Splunk data model, including:
* Alert
* Asset
* NodeCve
* Node
* Link
* HealthLog
* AuditItem/AuditLog
* Variable
* Session
Starting with version 1.0.4, asset updates can be retrieved by configuring the Asset input with the "Receive asset updates" checkbox selected. Asset updates are available only for CMC AIO Sensor and Vantage; Guardian and the CMC Multicontext do not receive asset updates.
Release Notes - Nozomi Networks Universal Add-on (Version 1.0.9)
Features:
This compatibility enables users to effortlessly retrieve data from both N2OS and Vantage through a single interface.
This streamlined approach simplifies the monitoring and analysis of operational network data.
Nozomi Networks is committed to enhancing the add-on based on user feedback and evolving industry requirements.
For further information, assistance, or feedback, please contact Nozomi Networks support at support@nozominetworks.com.
We hope you enjoy using the Nozomi Networks Universal Add-on and find its capabilities valuable in retrieving data from N2OS and Vantage.
Version 1.0.3 adds support for Health Logs and Audit Logs.
Version 1.0.4 adds the ability to also retrieve Asset updates.
Version 1.0.5 updates the call header.
Version 1.0.7 fixes a minor bug.
Version 1.0.8 supports cloud vetting standards.
Version 1.0.9 updates the Splunk Python SDK.