Skip to content

rubix1138/TA_opendns-fetchstats

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
bin
bin
 
 
default
default
 
 
metadata
metadata
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

TA_opendns-fetchstats

A Splunk TA to pull stats from your OpenDNS account.

This Splunk Technology Add-on was built to pull statistics from OpenDNS. Note that OpenDNS is the home and small business version of Cisco Umbrella. The logic of this script was based on fetchstats: https://github.com/opendns/opendns-fetchstats.

Considering that OpenDNS is a free/inexpensive version of Umbrella, there isn't an API to pull down all the DNS data. What this TA does is pull statistics that are collected day by day basis. It recommended to schedule the input once per day right after midnight. The script pulls data from the previous day.

This TA only supports Splunk 8.0+ since it uses python3.

Using this Technology Add-on

  • The add-on has to be installed on Search Heads
  • If data is collected through Intermediate Heavy Forwarders, it has to be installed on Heavy Forwarders, otherwise on indexers
  • Once installed, go to which ever Splunk server will be collecting the data, go to Manage Apps, find this app and click the Set Up link under actions. Enter your username (typically an email address) and password.
  • Once the TA is configured, you can enable the input provided.

Compatibility

  • Requires Splunk 8.0 or higher.

About

A Splunk TA to pull stats from OpenDNS

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
  NODES
COMMUNITY 1
Note 1
Project 3
USERS 1