Splunk integrations

DomainTools provides integrations for Splunk platforms to deliver threat intelligence, domain monitoring, and investigation capabilities directly within your Splunk environment.

Available integrations

Splunk Enterprise and Cloud

The DomainTools App for Splunk Enterprise and Splunk Cloud provides comprehensive threat intelligence and domain monitoring capabilities. This app integrates DomainTools' Iris Enrich, Iris Investigate, Iris Detect, and Farsight DNSDB services into your Splunk deployment.

Key features:

• Real-time domain enrichment and threat scoring
• Automated monitoring and alerting
• Interactive dashboards for threat intelligence
• Domain investigation tools
• Passive DNS lookups with Farsight DNSDB
• Integration with Splunk Enterprise Security

Get started with Splunk Enterprise/Cloud →

Splunk SOAR

The DomainTools App for Splunk SOAR (Security Orchestration, Automation and Response) enables automated security workflows and playbook integration with DomainTools threat intelligence.

Learn about Splunk SOAR integration →

Need help?

For questions about DomainTools integrations with Splunk, contact DomainTools Enterprise Support.

In this section

• Enterprise & Cloud
  • DomainTools App for Splunk Enterprise, Cloud, and Enterprise Security
  • Installation guide
  • Dashboards
  • Investigation Tools
• SOAR
  • DomainTools App for Splunk SOAR
  • Configuration
  • Actions Reference