Bitwarden Splunk App

A Splunk app for reporting Bitwarden event logs.

Getting started

Follow the steps in Bitwarden Splunk SIEM

Contributing

This app requires Python 3.8. Install Poetry if it is not already installed.

Activate shell: poetry shell

Install dependencies: poetry install --with dev

Local Development

  • Install Docker.
  • Run Splunk Enterprise: docker run --rm --name splunk -d -p 8001:8000 -p 8089:8089 -e SPLUNK_START_ARGS='--accept-license' -e SPLUNK_PASSWORD='password' splunk/splunk:latest
  • Package and deploy to Splunk:
    • ./package.sh
    • ./deploy.sh
  • Access logs:
    • docker exec -u splunk -it splunk bash
    • tail -f /opt/splunk/var/log/splunk/bitwarden_event_logs_beta.log
  • Access the Splunk URL in the browser: http://localhost:8001
    • Enter credentials, login: admin, password: password
    • Click on Apps -> Bitwarden Event Logs
    • Complete the Setup

Preparing for release

Modify the version in pyproject.toml

Preparing for prod (non-beta) release

Remove the _beta suffix from: