Splunk Content Control Tool

Project description

contentctl

Note: Looking to migrate from an earlier release to the new contentctl v5+? Check out our migration guide here.

What is contentctl?

contentctl is a tool developed by the Splunk Threat Research Team (STRT) to help manage the content living in splunk/security_content and to produce the Enterprise Security Content Update app for Splunk. While its development is largely driven by STRT's needs, it has been somewhat genericized and can be used by customers and partners to package their own content. Simply put, contentctl is the workhorse that packages detections, macros, lookups, and dashboards into a Splunk app that you can use, and that understands the YAML structure and project layout we've selected to keep development clean.

Quick Start Guide

Check out our User Guide to get started!

Content Testing

Read more about how contentctl can help test and validate your content in a real Splunk instance here.

Sample CICD Workflows

Already using contentctl, or looking to get started with it already configured in GitHub Actions? Our guide includes workflows to help you build and test your app.

Ecosystem

  • Splunk Security Content: Splunk Threat Research Team's Content included in the Enterprise Security Content Update App (ESCU)
  • Splunk Attack Range: Easily deploy a preconfigured Splunk Environment locally or on AWS containing a Splunk Instance, Windows and Linux Machines, and Attacker Tools like Kali Linux. Automatically simulate attacks or run your own
  • Splunk Attack Data: Repository of Attack Simulation Data for writing and Testing Detections
  • Splunk contentctl: Generate, validate, build, test, and deploy custom Security Content
  • SigmaHQ Sigma Rules: Official Repository for Sigma Rules. These rules are an excellent starting point for new content.
  • PurpleSharp Attack Simulation: Open source adversary simulation tool for Windows Active Directory environments (integrated into Attack Range)
  • Red Canary Atomic Red Team: Library of attack simulations mapped to the MITRE ATT&CK® framework (integrated into Attack Range)

License

Copyright 2023 Splunk Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Download files

Source Distribution

contentctl-5.5.16.tar.gz (234.6 kB)

Uploaded Source

Built Distribution

contentctl-5.5.16-py3-none-any.whl (300.2 kB)

Uploaded Python 3

File details

Details for the file contentctl-5.5.16.tar.gz.

File metadata

  • Download URL: contentctl-5.5.16.tar.gz
  • Upload date:
  • Size: 234.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.3.2 CPython/3.11.14 Linux/6.8.0-1044-azure

File hashes

Hashes for contentctl-5.5.16.tar.gz
Algorithm Hash digest
SHA256 3eb16467e84345382e0122d503c6f86ef8136242518573116bd022914f75a1b4
MD5 d7007870b84d3ca836a2188db730b1f4
BLAKE2b-256 f7f0bf8333708918daa45cc747e4c0c5337ca876c8e01f651018893f7012fb6f

File details

Details for the file contentctl-5.5.16-py3-none-any.whl.

File metadata

  • Download URL: contentctl-5.5.16-py3-none-any.whl
  • Upload date:
  • Size: 300.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.3.2 CPython/3.11.14 Linux/6.8.0-1044-azure

File hashes

Hashes for contentctl-5.5.16-py3-none-any.whl
Algorithm Hash digest
SHA256 fb572d445e1b89eeb7f0bc23d89467734a68146ca779f46d85a27689c6ceec05
MD5 d2c40c729659f8ddc1f1d43409977740
BLAKE2b-256 891cf594658a83a51fb5ee3dc2d04627408f5e4d32cd7b098f3ebf81861c278a
