Splunk add-ons, patches and setup scripts

Packaging Splunk apps

python build.py -d path/to/app-folder -o path/to/output-folder

build.py is needed to remove execute permission from all files. Splunk Cloud will reject any app that contains files with execute permission, except for files in the "bin/" folder. Some folders have a custom build.py to build a patched add-on.

Export Cloudflare DNS records to Splunk

Run nmap port scanner and ingest the XML result into Splunk.

Splunk Enterprise setup.

Universal Forwarder setup.

The iplocation bundled database, located at "$SPLUNK_HOME/share/GeoLite2-City.mmdb", is only updated with each Splunk release. Use updateiplocation to update it manually.

Dashboards to search change history of an account or group in Active Directory.