Splunkbase Apps

(paid, 14day trial) GreyNoise

This is free to download and install but paid to use.

Threat hunting add-on that is a community that shares IP address and Urls of malicious endpoints and compares those IP to the IP in the spunk index

Video and Instructions

SIEM Integration Overview: SplunkGreyNoise

https://splunkbase.splunk.com/app/4113

Splunk Addon for Microsoft cloud

Connect to your Microsoft Office 365 account - Splunk Add-on for Microsoft Cloud Services

Splunk ES Content Update

The Splunk ES Content Update (ESCU) app delivers pre-packaged Security Content. ESCU provides regular Security Content updates to help security practitioners address ongoing time-sensitive threats, attack methods, and other security issues. Security Content consists of tactics,

https://splunkbase.splunk.com/app/3449