Sandfly Agentless Security for Linux

Sandfly is an agentless intrusion detection and incident response platform for Linux. Sandfly automatically analyzes Linux hosts for intruders 24 hours a day without loading any software on your endpoints. Additionally, Sandfly can retrieve hardware, operating system and related data for analysis in Splunk. Sandfly works across virtually all Linux distributions immediately without risk to stability or performance. The Sandfly Agentless Security for Linux App includes dashboards, reports and alerts for analyzing data ingested from a Sandfly server, such as security alerts, suspicious activity, software and hardware metrics, SSH Hunter details, and Sandfly audit and error logs. Splunk users can use the data retrieved by Sandfly to build anomaly detection models, support incident response and gain insights into the software and hardware versions of their Linux fleet. This app requires that the Sandfly Security Add-on for Splunk (TA-sandfly-security) already be installed, configured to ingest data into your specified index, and configured with the correct sourcetypes.

Latest Version 4.5.3
August 23, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1
CIM Version: 5.x, 4.x, 3.x
Rating

0

(0)

Support
Developer Supported app
Ranking

#38

in Endpoint
Categories

Created By

Sandfly Security

Type

app

Downloads

1,753
