ICS-CERT Advisories project add-on for Splunk
A Splunk Add-On for Dan Ricci's project: https://github.com/icsadvprj/ICS-Advisory-Project
All you need to do is copy the ICS-CERT_ADV_Master*.csv file from https://github.com/icsadvprj/ICS-Advisory-Project/tree/main/ICS-CERT_ADV and put it in the lookups folder of the app.
The CWE lookups are from MITRE: https://cwe.mitre.org/data/index.html
This open-source project is available and contributed to under licenses that include terms stating that, for the protection of contributors, this Splunk Add-On for the ICS Advisory Project is offered "as-is," without warranty, and without liability for damages resulting from using the app, reports, dashboards or the data from this project.
*** For any bugs, comments or feature requests, please DM me at https://www.linkedin.com/in/efik/