Qualys App for Splunk Enterprise with TA

Version 1.11.7 

July 23, 2024

To view what is new in this release, refer to the Release Notes.

Welcome to Qualys App for Splunk Enterprise with TA! 

The Qualys Technology Add-On (TA) for Splunk is a tool that can be used to access data from Qualys Cloud Platform, specifically Vulnerability Management (VM), Web Application Scanning (WAS), Policy Compliance (PC), Container Security (CS), File Integrity Monitoring (FIM), Endpoint Detection & Response (EDR), Security Enterprise Mobility (SEM), Policy Compliance Reporting Services (PCRS), Cyber Security Asset Management (CSAM), and Certview. It uses modular input to fetch the data and indexes it, making it searchable using various applications such as Splunk Enterprise Security, VM, WAS and so on.

The application uses Splunk’s Application Development framework and leverages existing Qualys APIs.

solution

Pre-requisites

For using the Splunk app, the following are the requirements: 

  • Valid Qualys account with API access
  • Splunk Enterprise or Cloud account
  • Computer with Linux

Get Started 

  1. Download and Install the App
  2. Configure the App
  3. Configure Data Sync
  4. Enable the Data Feed to Start in Splunk

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.