About the Netfilter Iptables application for Splunk¶
- Author: Guilhem Marchand
- First release was published on starting 2014
- Purposes:
The Netfilter Iptables application for Splunk manage Linux iptables based firewall logs (iptables, ufw...) generated to provide easy and accessible information about the firewall activity of your servers.
It is a very simple and lightweight application.
Splunk versions¶
The application is compatible with any version of Splunk 6.4 and later
Index time operations¶
The Netfilter application relies on the installation of the “Linux Netfilter (iptables)” technology add-on:
Index creation¶
The application does not create any index at installation time.
Summarization implementation¶
The application does not currently implement any piece of summarization, accelerated reports or data models.