Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
Wanted to see if this repo could be updated to include the latest lookups in the following location:
Splunk-Apps/Splunk_TA_paloalto/lookups/
Specifically, the threat_list.csv but a few of the lookups are dated.
I have read the following as a means to keep the Threat and App lookups updated but unfortunately that technique doesn't work for my environment:
https://splunk.paloaltonetworks.com/lookups.html