CrowdStrike Spotlight Data
The CrowdStrike Falcon Spotlight Vulnerability Data Add-on for Splunk is required to allow Cyences to retrieve CrowdStrike Spotlight Vulnerabiltiy data from CrowdStrike Falcon instances via API.
App Installation
| App | Search Head | Indexer | Heavy Forwarder | UF / Deployment Server | Additional Details |
|---|---|---|---|---|---|
| CrowdStrike Falcon Spotlight Vulnerability Data Add-on for Splunk | Required | - | Required | - | Installation and Configuration Guide |
Important inputs to be configured
- CrowdStrike Falcon Spotlight Vulnerability
Note : Create an index named crowdstrike or update the cs_crowdstrike_vuln macro definition from Cyences app configuration page (Cyences Settings > Cyences App Configuration > Products Setup).
Estimated Data Size
TODO