#
Welcome to the Docs!
The SA-CrowdstrikeDevices add-on allows Splunk Enterprise Security admins to use CrowdStrike device data with the Asset Database. This documentation will cover the components used in the add-on and advanced configurations.
Important
This Supporting add-on is only intended to work with Splunk Enterprise Security deployments.
Disclaimer
This Splunk Supporting Add-on is not affiliated with Crowdstrike, Inc. and is not sponsored or sanctioned by the Crowdstrike team. As such, the included documentation does not contain information on how to get started with Crowdstrike. Rather, this documentation serves as a guide to use Crowdstrike device data with Splunk Enterprise Security. Please visit https://www.crowdstrike.com for more information about Crowdstrike.
#
Assumptions
This documentation assumes the following:
- You have a working Splunk Enterprise Security environment. This add-on is not intended to work without Splunk ES.
- You already have Crowdstrike device data ingested using the Crowdstrike Devices technical add-on.
- Familiarity with setting up a new Asset source in Enterprise Security.