CrowdStrike Falcon FileVantage Add-on for Splunk Installation and Configuration Guide
This guide covers the deployment, configuration and usage of the CrowdStrike Falcon FileVantage Technical Add-on (TA) for Splunk v2.1.0 and above. The CrowdStrike Falcon FileVantage Technical Add-on for Splunk allows CrowdStrike customers to retrieve FileVantage event data from CrowdStrike APIs and index it into Splunk.
For deploying and configuring the CrowdStrike Falcon FileVantage Splunk Technical Add-On located on Splunkbase.
For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.Visit the Tech Center