The Splunk Add-on for Box allows a Splunk Enterprise administrator to collect data from Box and monitor Box events in near real time. The add-on can collect the following data via the Box REST APIs: * enterprise events * metadata about files and folders * user and user group data * collaboration data for folders * tasks data for files After Splunk Enterprise indexes the events, Box administrators can consume the data using the prebuilt dashboard panels included with the add-on. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk Enterprise apps, such as the Splunk App for Enterprise Security and the Splunk App for PCI Compliance. This add-on must be installed on a Linux instance of Splunk Enterprise for data collection. The add-on is platform independent for indexers and search heads.
(0)
Categories
Created By
Type
Downloads
Licensing
Splunk Answers
Resources