Skip to content

2. Installation and Usage

Jump to bottom
Bhavin Patel edited this page Mar 13, 2020 · 7 revisions

The Splunk Security Content Exchange can be used via:

Splunk App

Grab the latest release of DA-ESS-ContentUpdate and install it on a Splunk Enterprise server (search head).

API

curl -s https://content.splunkresearch.com | jq
{
  "hello": "welcome to Splunks Research security content api",
  "available_endpoints": [
    "/stories",
    "/detections",
    "/investigations",
    "/baselines",
    "/responses",
    "/package"
  ]
}
Clone this wiki locally