Splunk SIEM implementation for Threat Intelligence companies with custom JS and CSS


Customer Background

A leading Threat Intelligence product company wanted to develop a Splunk App to enrich their Advisory Intelligence Reports and present network traffic in a rich visualization dashboard.

Project Goals

  • Develop a Splunk App with Add-on
  • Create custom dashboards with rich visualization using Tables, Columns, Timelines, Pie Charts, Bar Charts, Single Values.

The Challenge

Extend the Splunk UI.

Results

Loginsoft leveraged its extensive expertise in Splunk to develop best-in-class visual dashboards with custom icons.

Approach

Our team developed a Python program, packaged as a Splunk Add-on, to extract data from an API source into Splunk. The team then configured custom dashboards using Table, Column, Timeline, Pie Chart, Bar Chart, and Single Value elements.

Custom Tooltip using JavaScript

Loginsoft leveraged jQuery and JavaScript to enable log visualization, a feature not currently available in Splunk. One new functionality was the creation of a custom tooltip, i.e. a mouse-hover popup on a data point in the timeline graph.

Custom Icons: Loginsoft leveraged JavaScript to create custom icons and to set the text color based on an event trigger for one of the dashboards, as shown below.

Configuration Bundle with Custom CSS:
Splunk does not currently allow users to show Checkbox options alongside a count. To meet our client’s request for this feature, Loginsoft bundled a Checkbox Input with table data from Splunk by overriding Splunk’s default style with Loginsoft’s custom CSS.

Additionally, Loginsoft leveraged JavaScript to add functionality that allows users to append graphs in order of selection.
