This application provides a dashboard that allows users to monitor firewall traffic according to frequently and rarely used rules. The goal is to provide recommendations based on rule groupings in order to optimize the number of firewall rules.
Splunk Common Information Model (CIM) Add-on (https://splunkbase.splunk.com/app/1621/)
The app uses CIM data models in order to monitor network traffic. Therefore, users are recommended to utilize proper Technology Add-ons for accurate data model mappings.
Version 1.0.0
- Date: 11 Mar 2020
- Initial version for Splunkbase
- Tested on 8.0.x
Contact information for reporting an issue: development@seynur.com
For latest fixes/changes: https://github.com/seynur/firewall_rule_analysis