Splunk SIEM implementation for Threat Intelligence companies with custom JS and CSS


A leading Threat Intelligence product company wanted to develop a Splunk App to enrich their Advisory Intelligence Reports and present Network Traffic as a rich visualization dashboard.


  • Develop a Splunk App with Add-on
  • Create custom dashboards with rich visualizations using Tables, Columns, Timelines, Pie Charts, Bar Charts, and Single Values.
  • Extend the Splunk UI.

Loginsoft leveraged our extensive expertise in Splunk to develop best-in-class visual dashboards with custom icons.

Our team developed a Python program to extract data from an API source into Splunk as an Add-on. The team then configured custom dashboards as Table, Column, Timeline, Pie Chart, Bar Chart, and Single Value elements.

Custom Tooltip using JavaScript
Loginsoft leveraged jQuery and JavaScript to enable log visualization, a feature not currently available in Splunk. One new piece of functionality was the creation of a custom Tooltip, i.e., a mouse-hover popup on a data point in the timeline graph.

Custom Icons:
Loginsoft leveraged JavaScript to create custom icons and also to set the text color based on an event trigger for one of the dashboards, as shown below.

Configuration Bundle with Custom CSS:
Splunk does not currently allow users to show Checkbox options alongside a count. To meet our client’s request for this feature, Loginsoft bundled a Checkbox Input with table data from Splunk by overriding Splunk’s default style with Loginsoft’s custom CSS.

Additionally, Loginsoft leveraged JavaScript to add functionality that allows users to append graphs in order of selection.