Malwarebytes apps for Splunk FAQs

Document created by jgolomb Employee on Jun 17, 2019Last modified by jyamada on Jun 20, 2019
Version 8Show Document
  • View in full screen mode

What does each app do?

  • Malwarebytes Visibility and Dashboard app provides pre-built Splunk dashboards of Malwarebytes endpoint status data and the ability to build custom dashboards.
  • Malwarebytes Agentless Remediation app provides endpoint threat scans and removal with a dis-solvable agent that leaves no impact on endpoint performance.
  • Malwarebytes Cloud Remediation app provides integration with Malwarebytes Cloud Platform.
  • Technical Add-on for Malwarebytes is an app that allows Malwarebytes to communicate with Splunk through Splunk’s Common Information Model format.

 

Where can I find more information and download the apps?

  • For Malwarebytes apps for Splunk, go to Splunkbase and search for Malwarebytes.
  • For Malwarebytes app for Splunk Phantom, log in to splunk>phantom with your Splunk Phantom credentials and search for Malwarebytes.

 

What are the app system requirements?

System requirements are posted in Splunkbase on each Malwarebytes app Overview page.

 

Do I need to buy these apps?

There is no cost to use Malwarebytes apps for Splunk. For more information, see the End User License Agreement posted on the Overview page for each app.

 

Who do I contact if I have an issue with the apps?

Submit a support ticket with our Malwarebytes Business Support team.

 

What support is available for the apps?

Support for the apps are provided at the same level of service that you have for Malwarebytes.

 

Where can I find installation and configuration documentation?

 

Which apps should I install for each Malwarebytes Business product?

  • The Technical Add-on app is a Malwarebytes interface to Splunk Common Information Model. This app is required for all of Malwarebytes integration.
  • If you have Malwarebytes Endpoint Protection, you should install the following apps:
    • Malwarebytes Dashboard and Visibility app
    • Malwarebytes Cloud Remediation app
    • Technical Add-on for Malwarebytes
  • If you have Malwarebytes Incident Response, you should install the following apps:
    • Malwarebytes Cloud Remediation app
    • Technical Add-on for Malwarebytes
    • Optional: Malwarebytes Dashboard and Visibility app if you perform lots of scans outside of Splunk.
  • If you have Malwarebytes Breach Remediation, you should install the following apps:
    • Malwarebytes Agentless Remediation app
    • Technical Add-on for Malwarebytes
    • Optional: Malwarebytes Dashboard and Visibility app if you perform lots of scans outside of Splunk.
  • If you have Malwarebytes Endpoint Security, you should install the following apps:
    • Malwarebytes Visibility and Dashboards app
    • Technical Add-on for Malwarebytes. Remediation from Splunk is not available for Malwarebytes Endpoint Security.

 

How do I get started if I'm not a Malwarebytes customer?

Sign up for a free trial of Malwarebytes Business, then download the app from Splunkbase. A Malwarebytes account manager will reach out to you for a custom guided trial after you've signed up.

 

How do I get started if I'm not a Splunk customer?

You can download a free trial on Splunk's website.

Attachments

    Outcomes