Hello! I wanted to know if IBM AppScan can integrate with Splunk. Mainly, is there a way to ingest vulnerabilities from an IBM AppScan into Splunk? I don't see a Splunk add-on for AppScan and I haven't found any questions about this on the answer forums.
From what I've found, there's nothing pre-built as an "easy solution". According to this question it can be done using the AppScan SDK.
From what I've found, there's nothing pre-built as an "easy solution". According to this question it can be done using the AppScan SDK.
Thanks for the quick reply! I see though. Seems like it's possible, but not easy. Have you seen anywhere if this has been done by somebody with Splunk yet?
I have not. I think most users integrate into QRadar, which has a direct integration, but nothing to Splunk that I've seen yet.
There is a git repository that uses the Splunk REST API to send messages from the IBM Integration Bus found here. Currently it looks like the IBM developer network is having issues right now, so I can't really search it.
I see, surprised nobody has tried it yet. Unless they have and just haven't posted anything about it. Would be interesting to do though. Oh that's good to know, thank you for the info!