Splunk

By Maltego Technologies
Leverage the full power of Splunk data in your Maltego investigations.
Cybersecurity Infrastructure CERT Cyber and Digital Forensics

Splunk Enterprise Integration for Maltego 

Splunk is a software platform used for monitoring, searching, analyzing, and visualizing machine-generated log data in real time. It provides insights into technology infrastructure, security systems, and various business applications that help drive operational performance and business results.

The Splunk Enterprise integration for Maltego combines the full advantage of the Splunk Common Information Model (CIM) with the investigative capabilities of link analysis. SOC teams, cybersecurity analysts, and threat analysts alike can easily query the following CIM data models:

  • Authentication 
  • Endpoint 
  • Malware 
  • Network Resolution 
  • Network Sessions 
  • Network Traffic 
  • Vulnerabilities 

Investigators can also perform raw searches using Splunk’s Search Processing Language to retrieve other events that may not yet be part of the data models.

Splunk use case in Maltego

  • SOCs and CERTs
  • Incident Response
  • Threat Analysts
  • Trust and Safety Teams

Integration Benefits

Leverage Splunk Integration for

Incident Response
Analyze and investigate Splunk alerts by exploring and visualizing details of Splunk events, network logs, timestamps, accounts, and more. Pivot directly from Splunk data to threat intelligence feeds to enrich your security analysis.
Vulnerability Assessment
Enrich information associated with Hash Entities and check for relevant indicators of compromise (IOCs) in Splunk to minimize investigative time and protect your organization’s network.
Threat Hunting
Improve & automate your threat hunting process by pivoting from Threat Intelligence Reports to IOCs and Splunk events in minutes instead of hours, with the enrichment provided by our Free and Paid Intelligence vendors.

Pricing & Access

Community Hub
Available only for Enterprise plan users with a Maltego commercial license (One, Classic, XL).
Commercial Hub
Users with a Maltego One, Classic, or XL license and an Enterprise plan have the following purchase options.
Contact Us
If you are interested in learning how we can help you achieve this integration within your organization, please reach out to us using the form below. Our integration experts are happy to discuss your needs and support the integration process!


About Maltego Technologies

Maltego empowers investigators worldwide to speed up and increase the precision of their investigations through easy data integration in a single interface, aided by powerful visualization and collaborative capabilities to quickly zero in on relevant information. Maltego is a proven tool that has empowered over one million investigations worldwide since its first launch in 2008. Due to its wide range of possible use cases, from threat intelligence to fraud investigations, Maltego is used by a broad audience, from security professionals and pen testers to forensic investigators, investigative journalists, and market researchers. Maltego Technologies GmbH is your partner for all Maltego products and the provider of all Maltego-related services.