
Integrate Splunk with AlienVault OTX Threat Intelligence Feed

Bringing threat intelligence into Splunk is an important capability. There are many ways to accomplish this, but with Dataflect you can pull indicators of compromise directly via API and store them in a Splunk lookup file. You can then use these indicators for proactive monitoring and alerting, or in dashboards and reports. This demonstration shows how to do this by integrating with AlienVault OTX.

Sign up for an AlienVault OTX Account

Navigate to and sign up in order to obtain an API Key. Once you have this API Key, store it in a secure place; you will need it later.

Find at least one Pulse that interests you, and subscribe

Navigate to while signed in to your previously created account, find at least one Pulse that you are interested in, and subscribe.

Add to the list of Allowed Domains in Dataflect

Create a credential in Dataflect with your OTX API Key

Now you have the ability to search indicators added to the pulses you subscribe to

This information can be formatted as a lookup that you can then use in searches, alerts, reports, or dashboards
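
The step from pulse indicators to a lookup, as an added example (not Dataflect's code and not from the original post): it flattens a pulse response into deduplicated lookup rows and renders them as CSV. The response fields (`results`, `indicators`, `indicator`, `type`) are assumed to follow the OTX pulse JSON shape, the sample data is constructed, and the lookup column names are hypothetical.

```python
import csv
import io

# Constructed sample, shaped like an OTX subscribed-pulses response (assumed fields).
SAMPLE_RESPONSE = {"results": [
    {"name": "Constructed pulse A", "indicators": [
        {"indicator": "198.51.100.7", "type": "IPv4"},
        {"indicator": "Bad.Example.COM", "type": "domain"},
        {"indicator": "user@example.com", "type": "email"},
    ]},
    {"name": "Constructed pulse B", "indicators": [
        {"indicator": "198.51.100.7", "type": "IPv4"},
        {"indicator": " bad.example.com", "type": "hostname"},
    ]},
]}

# OTX indicator type -> lookup column value (hypothetical naming for this example).
TYPE_TO_FIELD = {
    "IPv4": "ip", "IPv6": "ip", "domain": "domain", "hostname": "domain",
    "URL": "url", "FileHash-MD5": "hash", "FileHash-SHA1": "hash",
    "FileHash-SHA256": "hash",
}
COLUMNS = ["indicator", "indicator_type", "pulse_names"]

def pulses_to_rows(response):
    """Flatten pulses to one row per unique indicator, merging source pulse names."""
    merged = {}
    for pulse in response.get("results", []):
        for ioc in pulse.get("indicators", []):
            field = TYPE_TO_FIELD.get(ioc.get("type"))
            value = (ioc.get("indicator") or "").strip()
            if not field or not value:
                continue  # unmapped types (e.g. email) are left out of the lookup
            if field in ("domain", "hash"):
                value = value.lower()  # case-insensitive values get one canonical form
            merged.setdefault((field, value), set()).add(pulse.get("name", ""))
    return [{"indicator": value, "indicator_type": field,
             "pulse_names": "|".join(sorted(names))}
            for (field, value), names in sorted(merged.items())]

def rows_to_lookup_csv(rows):
    """Render rows as CSV text with a header row, the format of a lookup file."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=COLUMNS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()

if __name__ == "__main__":
    print(rows_to_lookup_csv(pulses_to_rows(SAMPLE_RESPONSE)), end="")
```

Normalizing case and whitespace before deduplication keeps an indicator that appears in several pulses as a single lookup row, so a match in a search maps back to every pulse that reported it.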

With Dataflect it's that easy. Contact us at for a demo today!

