Rinox
push · python · scheduled · hand-curated

OpenCTI → Splunk

Forward OpenCTI STIX2 indicators to Splunk HEC hourly

Hourly export of new OpenCTI indicators to Splunk via HEC as NDJSON. Preserves valid_from/valid_until and indicator pattern_type for hunting.

opencti · splunk · stix2 · hec · push · moderate

Use case

Forward new OpenCTI STIX2 indicators to Splunk HEC every hour, preserve STIX timestamps and pattern_type, and deduplicate by indicator STIX id.

Last validated 5/17/2026