Splunk® Supported Add-ons

Splunk Add-on for Box

Source types for the Splunk Add-on for Box

The Splunk Add-on for Box provides the index-time and search-time knowledge for Box events, metadata, user and group information, collaboration data, and tasks in the following formats.

Source type Description CIM data models
box:events Box enterprise audit events Authentication
Change
Alerts
DataAccess
Malware
box:file Box file metadata Inventory
box:fileComment Box file comments information Inventory
box:fileTask Task information about box files Inventory
box:folder Box file and folder metadata Inventory
box:folderCollaboration Box collaboration information on folders Inventory
box:groups Box group information Inventory
box:users Box user information Inventory
box:filecontent Soucetype for content of txt, text, log files on Box none
box:filecontent:json Box JSON file content none
box:filecontent:xml Box XML file content none
box:filecontent:csv Box CSV file content none
box:addon:log Splunk Add-on for Box internal log none
box:addon:setup:log Splunk Add-on for Box internal installation log none
Last modified on 06 December, 2024
About the Splunk Add-on for Box   Release notes for the Splunk Add-on for Box

This documentation applies to the following versions of Splunk® Supported Add-ons: released, released

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters