Splunk Content Control Tool

Project description

contentctl

Note: Looking to migrate from an earlier release to the new contentctl v5+? Check out our migration guide here.

What is contentctl?

contentctl is a tool developed by the Splunk Threat Research Team (STRT) to help manage the content living in splunk/security_content and to produce the Enterprise Security Content Update app for Splunk. While its development is largely driven by STRT's needs, it has been somewhat genericized and can be used by customers and partners to package their own content. Simply put, contentctl is the workhorse that packages detections, macros, lookups, and dashboards into a Splunk app that you can use, and that understands the YAML structure and project layout we've selected to keep development clean.

Quick Start Guide

Check out our User Guide to get started!

Content Testing

Read more about how contentctl can help test and validate your content in a real Splunk instance here.

Sample CICD Workflows

Already using contentctl, or looking to get started with it already configured in GitHub Actions? Our guide includes workflows to help you build and test your app.

Ecosystem

  • Splunk Security Content: Splunk Threat Research Team's Content included in the Enterprise Security Content Update App (ESCU)
  • Splunk Attack Range: Easily deploy a preconfigured Splunk Environment locally or on AWS containing a Splunk Instance, Windows and Linux Machines, and Attacker Tools like Kali Linux. Automatically simulate attacks or run your own
  • Splunk Attack Data: Repository of Attack Simulation Data for writing and Testing Detections
  • Splunk contentctl: Generate, validate, build, test, and deploy custom Security Content
  • SigmaHQ Sigma Rules: Official Repository for Sigma Rules. These rules are an excellent starting point for new content.
  • PurpleSharp Attack Simulation: Open source adversary simulation tool for Windows Active Directory environments (integrated into Attack Range)
  • Red Canary Atomic Red Team: Library of attack simulations mapped to the MITRE ATT&CK® framework (integrated into Attack Range)

License

Copyright 2023 Splunk Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Download files

Source Distribution

contentctl-5.6.0.tar.gz (234.8 kB)

Uploaded Source

Built Distribution

contentctl-5.6.0-py3-none-any.whl (300.4 kB)

Uploaded Python 3

File details

Details for the file contentctl-5.6.0.tar.gz.

File metadata

  • Download URL: contentctl-5.6.0.tar.gz
  • Upload date:
  • Size: 234.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.3.4 CPython/3.11.15 Linux/6.8.0-1044-azure

File hashes

Hashes for contentctl-5.6.0.tar.gz
Algorithm Hash digest
SHA256 1a5df899621e5f0c43bdd11f4a603dfd855d1f29cd379254a815c69da4e8dc58
MD5 7adb7787af8f749b81a8c8da83a61b3b
BLAKE2b-256 a945068faccf68fdd86f888a143420fe213600e5ef782431e42cc607c92a95b4

File details

Details for the file contentctl-5.6.0-py3-none-any.whl.

File metadata

  • Download URL: contentctl-5.6.0-py3-none-any.whl
  • Upload date:
  • Size: 300.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.3.4 CPython/3.11.15 Linux/6.8.0-1044-azure

File hashes

Hashes for contentctl-5.6.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e656890e4c66d9dbae01f9b00b2fc7420e71fc3e97d5131b87493e0c5ecbaa4d
MD5 23226593ba216a6c24153a511f905503
BLAKE2b-256 2fe14bc779abe92c5e96343b6849057018420f7599bf42a3881af4749e2dfc38
