Splunk® Enterprise Security

Administer Splunk Enterprise Security

Available open intelligence sources for Splunk Enterprise Security

Open intelligence sources are sources that are freely available without any subscription requirement. Use the following table to find the supported observable types for each open intelligence source:

Intelligence source Update type Update frequency Supported observable types
URLHaus Feed-based 60 minutes
  • URL
Abuse SSL IP Blacklist Feed-based 15 minutes
  • IP
  • URL
Last modified on 30 August, 2024
Available premium intelligence sources for Splunk Enterprise Security   Available threat intelligence and generic intelligence sources included in Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.0, 8.0.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters