Get started integrating custom content in Splunk Security Essentials
As a partner, internal user, or third-party developer who develops on the Splunk Security Essentials (SSE) platform, you can develop, customize, and extend the capabilities of SSE to help users find and deploy appropriate security procedures. By building add-ons and enabling them for users, you can integrate custom content with SSE to help users analyze that content against MITRE ATT&CK frameworks and track and report their successes.
As an SSE developer, you can do the following tasks:
- Add third-party content to Splunk Security Essentials. See Integrate third-party content in Splunk Security Essentials.
- Configure content using the ShowcaseInfo.json schema in Splunk Security Essentials. See Use the schemas in Splunk Security Essentials.
- Author simple and full-feature content on Splunk Security Essentials. See Author simple and full-feature content on Splunk Security Essentials.
- Use the Splunk Security Essentials file directory. See Splunk Security Essentials file directory.
Last modified on 20 January, 2023
| Integrate third-party content in Splunk Security Essentials |
This documentation applies to the following versions of Splunk® Security Essentials: 3.7.1, 3.8.0, 3.8.1
Download manual
Feedback submitted, thanks!