diff --git a/analyzers/Splunk/README.md b/analyzers/Splunk/README.md
new file mode 100644
index 000000000..84a79f2f0
--- /dev/null
+++ b/analyzers/Splunk/README.md
@@ -0,0 +1,66 @@
+This analyzer allows you to execute a list of searches in Splunk by passing the element you are looking for as a parameter
+
+This analyzer comes in 10 flavors:
+- Splunk_Search_**Domain_FQDN**: Dispatch a list of saved searches on a given domain/fqdn
+- Splunk_Search_**File_Filename**: Dispatch a list of saved searches on a given file/filename
+- Splunk_Search_**Hash**: Dispatch a list of saved searches on a given hash
+- Splunk_Search_**IP**: Dispatch a list of saved searches on a given IP (IPv4 only)
+- Splunk_Search_**Mail_Email**: Dispatch a list of saved searches on a given mail/email
+- Splunk_Search_**Mail_Subject**: Dispatch a list of saved searches on a given mail_subject
+- Splunk_Search_**Other**: Dispatch a list of saved searches on a given data (any type)
+- Splunk_Search_**Registry**: Dispatch a list of saved searches on a given registry
+- Splunk_Search_**URL_URI_Path**: Dispatch a list of saved searches on a given url/uri_path
+- Splunk_Search_**User_Agent**: Dispatch a list of saved searches on a given user_agent
+- Splunk_Search_**User**: Dispatch a list of saved searches on a given user id (variable name is 'other'
+
+#### Requirements
+You need to have access to a Splunk instance with a dedicated account. For any saved search you want to use, you have to group them in the same Application and with the same owner.
+When you configure an analyzer, it will ask you these information:
+- **host**: This is the domain name or the IP of your Splunk instance.
+- **port**: This is the port to reach to access Splunk (API) (Splunk default to 8089).
+- **port_gui**: This is the port to reach to access Splunk (HTTP) (Splunk default to 8000).
+- **username** (optional): If your Splunk instance has authentication, you need an account to access to it (and to the indexes you want to search). Please avoid to use admin. 
+- **password** (optional): If your Splunk instance has authentication, this is the password of the previous account. Please avoid to use admin and respect password complexity. No token access is supported.
+- **application**: This is the application in which all the saved searches are stored on your Splunk instance.
+- **owner**: This is the owner of all the saved searches, it must be the same for all of them. This can be different from the username mentionned above but you will need shared rights.
+- **savedsearches**: A list of all saved searches you want to execute. You just have to put the name of the saved searches here. **Each saved search will be executed/dispatch in parallel (and so they will become jobs)  but the Cortex job will finish once all Splunk jobs are done**.
+- **earliest_time**: If not empty, this parameter will specify the earliest time to use for all searches. If empty, the earliest time set in the saved search will be used by Splunk 
+- **latest_time**: If not empty, this parameter will specify the latest time to use for all searches. If empty, the latest time set in the saved search will be used by Splunk 
+- **max_count**: This parameter is set to 1,000 by default. It's the number of results to recover from the job. A limit is set to avoid any trouble in TheHive/Cortex on the GUI. If value is set to 0, then all available results are returned.
+
+#### How to recover arguments in Splunk ?
+All arguments can be retrieve using "$args.DATATYPE$". As an example is better than a long speech, here it is:
+Imagine that you have a search with this query:
+```
+index=myindex_internet sourcetype=mysourcetype url=$args.url$*
+| stats count by user, url, src_ip
+```
+This query will recover the data using $args.url$.
+
+So, you can recover your data using :
+- $args.type$: This parameter indicates the type of data (if you need so)
+
+- $args.domain$: This parameter contains the data for an analysis over a domain
+- $args.fqdn$: This parameter contains the data for an analysis over a fqdn
+- $args.file$: This parameter contains the data for an analysis over a file
+- $args.filename$: This parameter contains the data for an analysis over a filename
+- $args.hash$: This parameter contains the data for an analysis over a hash
+- $args.ip$: This parameter contains the data for an analysis over a ip
+- $args.mail$: This parameter contains the data for an analysis over a mail
+- $args.email$: This parameter contains the data for an analysis over a email
+- $args.mail_subject$: This parameter contains the data for an analysis over a email_subject
+- $args.other$: This parameter contains the data for an analysis over a other
+- $args.registry$: This parameter contains the data for an analysis over a registry
+- $args.url$: This parameter contains the data for an analysis over a url
+- $args.uri_path$: This parameter contains the data for an analysis over a uri_path
+- $args.user-agent$: This parameter contains the data for an analysis over a user-agent
+
+#### Taxonomies
+They are 5 taxonomies available on this analyzer:
+- **Splunk:Results**: Indicates the total number of results found by all the saved searches
+- **Splunk:Info** (optional): Indicates the total number of results which have a field "level" set to "info"
+- **Splunk:Safe** (optional): Indicates the total number of results which have a field "level" set to "safe"
+- **Splunk:Suspicious** (optional): Indicates the total number of results which have a field "level" set to "suspicious"
+- **Splunk:Malicious** (optional): Indicates the total number of results which have a field "level" set to "malicious"
+
+As mentionned above, your saved searches can return a field named "level" which will be interpreted by Cortex/TheHive as a taxonomy and will create reports accordingly to the value (info,safe,suspicious or malicious)
diff --git a/analyzers/Splunk/Splunk_Search_domain_fqdn.json b/analyzers/Splunk/Splunk_Search_domain_fqdn.json
index 5cd51cdee..9c19afe51 100644
--- a/analyzers/Splunk/Splunk_Search_domain_fqdn.json
+++ b/analyzers/Splunk/Splunk_Search_domain_fqdn.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_domain_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_Domain_FQDN_long.png",
+        "caption": "Splunk_Search_Domain_FQDN long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_Domain_FQDN_short.png",
+        "caption:": "Splunk_Search_Domain_FQDN short report sample"
+      }
+   ] 
 } 
diff --git a/analyzers/Splunk/Splunk_Search_file_filename.json b/analyzers/Splunk/Splunk_Search_file_filename.json
index 88171fc11..31566c236 100644
--- a/analyzers/Splunk/Splunk_Search_file_filename.json
+++ b/analyzers/Splunk/Splunk_Search_file_filename.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_file_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_File_Filename_long.png",
+        "caption": "Splunk_Search_File_Filename long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_File_Filename_short.png",
+        "caption:": "Splunk_Search_File_Filename short report sample"
+      }
+   ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_hash.json b/analyzers/Splunk/Splunk_Search_hash.json
index 2aa06361d..71a8f24c7 100644
--- a/analyzers/Splunk/Splunk_Search_hash.json
+++ b/analyzers/Splunk/Splunk_Search_hash.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_hash_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_Hash_long.png",
+        "caption": "Splunk_Search_Hash long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_Hash_short.png",
+        "caption:": "Splunk_Search_Hash short report sample"
+      }
+   ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_ip.json b/analyzers/Splunk/Splunk_Search_ip.json
index 74ee3a3cb..8b7fe2f88 100644
--- a/analyzers/Splunk/Splunk_Search_ip.json
+++ b/analyzers/Splunk/Splunk_Search_ip.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_ip_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_IP_long.png",
+        "caption": "Splunk_Search_IP long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_IP_short.png",
+        "caption:": "Splunk_Search_IP short report sample"
+      }
+   ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_mail_email.json b/analyzers/Splunk/Splunk_Search_mail_email.json
index 3f53fc298..1a61a9ebc 100644
--- a/analyzers/Splunk/Splunk_Search_mail_email.json
+++ b/analyzers/Splunk/Splunk_Search_mail_email.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_mail_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_Mail_Email_long.png",
+        "caption": "Splunk_Search_Mail_Email long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_Mail_Email_short.png",
+        "caption:": "Splunk_Search_Mail_Email short report sample"
+      }
+    ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_mail_subject.json b/analyzers/Splunk/Splunk_Search_mail_subject.json
index 38df7b2bf..b72dc625c 100644
--- a/analyzers/Splunk/Splunk_Search_mail_subject.json
+++ b/analyzers/Splunk/Splunk_Search_mail_subject.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_mail_subject_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_Mail_Subject_long.png",
+        "caption": "Splunk_Search_Mail_Subject long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_Mail_Subject_short.png",
+        "caption:": "Splunk_Search_Mail_Subject short report sample"
+      }
+   ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_other.json b/analyzers/Splunk/Splunk_Search_other.json
index cafefdc4a..7be09e9d2 100644
--- a/analyzers/Splunk/Splunk_Search_other.json
+++ b/analyzers/Splunk/Splunk_Search_other.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_other_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_Other_long.png",
+        "caption": "Splunk_Search_Other long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_Other_short.png",
+        "caption:": "Splunk_Search_Other short report sample"
+      }
+    ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_registry.json b/analyzers/Splunk/Splunk_Search_registry.json
index b9b73b8aa..da70a939f 100644
--- a/analyzers/Splunk/Splunk_Search_registry.json
+++ b/analyzers/Splunk/Splunk_Search_registry.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_registry_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_Registry_long.png",
+        "caption": "Splunk_Search_Registry long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_Registry_short.png",
+        "caption:": "Splunk_Search_Registry short report sample"
+      }
+   ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_url_uri_path.json b/analyzers/Splunk/Splunk_Search_url_uri_path.json
index 0fa3b6bc6..62b48e28a 100644
--- a/analyzers/Splunk/Splunk_Search_url_uri_path.json
+++ b/analyzers/Splunk/Splunk_Search_url_uri_path.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_url_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_URL_URI_Path_long.png",
+        "caption": "Splunk_Search_URL_URI_Path long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_URL_URI_Path_short.png",
+        "caption:": "Splunk_Search_URL_URI_Path short report sample"
+      }
+   ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_user.json b/analyzers/Splunk/Splunk_Search_user.json
index 481f79a77..54229120d 100644
--- a/analyzers/Splunk/Splunk_Search_user.json
+++ b/analyzers/Splunk/Splunk_Search_user.json
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_user_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_User_long.png",
+        "caption": "Splunk_Search_User long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_User_short.png",
+        "caption:": "Splunk_Search_User short report sample"
+      }
+    ]
 } 
diff --git a/analyzers/Splunk/Splunk_Search_user_agent.json b/analyzers/Splunk/Splunk_Search_user_agent.json
index 5f7a58721..35276df29 100644
--- a/analyzers/Splunk/Splunk_Search_user_agent.json
+++ b/analyzers/Splunk/Splunk_Search_user_agent.json
@@ -4,7 +4,7 @@
     "url": "",
     "author": "Unit777, LetMeR00t",
     "license": "AGPL-V3",
-    "dataTypeList": ["user_agent"],
+    "dataTypeList": ["user-agent"],
     "description": "Execute a savedsearch on a Splunk instance with a user agent as argument",
     "baseConfig": "Splunk",
     "config": {
@@ -92,5 +92,22 @@
       "defaultValue": 1000
     }
     ],
-    "command": "Splunk/splunk.py"
+    "command": "Splunk/splunk.py",
+    "registration_required": false,
+    "subscription_required": false,
+    "free_subscription": true,
+    "service_logo": {
+      "path": "assets/splunk_user_agent_logo.png",
+      "caption": "logo"
+    },
+    "screenshots": [
+      {
+        "path": "assets/Splunk_Search_User_Agent_long.png",
+        "caption": "Splunk_Search_User_Agent long report sample"
+      },
+      {
+        "path": "assets/Splunk_Search_User_Agent_short.png",
+        "caption:": "Splunk_Search_User_Agent short report sample"
+      }
+    ]
 } 
diff --git a/analyzers/Splunk/assets/Splunk_Search_Domain_FQDN_long.png b/analyzers/Splunk/assets/Splunk_Search_Domain_FQDN_long.png
new file mode 100644
index 000000000..393211797
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Domain_FQDN_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Domain_FQDN_short.png b/analyzers/Splunk/assets/Splunk_Search_Domain_FQDN_short.png
new file mode 100644
index 000000000..849481d9f
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Domain_FQDN_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_File_Filename_long.png b/analyzers/Splunk/assets/Splunk_Search_File_Filename_long.png
new file mode 100644
index 000000000..d5ad2769d
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_File_Filename_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_File_Filename_short.png b/analyzers/Splunk/assets/Splunk_Search_File_Filename_short.png
new file mode 100644
index 000000000..8123669a7
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_File_Filename_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Hash_long.png b/analyzers/Splunk/assets/Splunk_Search_Hash_long.png
new file mode 100644
index 000000000..4543c9ffe
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Hash_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Hash_short.png b/analyzers/Splunk/assets/Splunk_Search_Hash_short.png
new file mode 100644
index 000000000..29fa2dd94
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Hash_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_IP_long.png b/analyzers/Splunk/assets/Splunk_Search_IP_long.png
new file mode 100644
index 000000000..d93502eab
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_IP_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_IP_short.png b/analyzers/Splunk/assets/Splunk_Search_IP_short.png
new file mode 100644
index 000000000..a00d936fa
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_IP_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Mail_Email_long.png b/analyzers/Splunk/assets/Splunk_Search_Mail_Email_long.png
new file mode 100644
index 000000000..ab65173d7
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Mail_Email_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Mail_Email_short.png b/analyzers/Splunk/assets/Splunk_Search_Mail_Email_short.png
new file mode 100644
index 000000000..55cd414db
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Mail_Email_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Mail_Subject_long.png b/analyzers/Splunk/assets/Splunk_Search_Mail_Subject_long.png
new file mode 100644
index 000000000..6546cf5c2
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Mail_Subject_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Mail_Subject_short.png b/analyzers/Splunk/assets/Splunk_Search_Mail_Subject_short.png
new file mode 100644
index 000000000..4ef5d5831
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Mail_Subject_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Other_long.png b/analyzers/Splunk/assets/Splunk_Search_Other_long.png
new file mode 100644
index 000000000..fcb934e3e
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Other_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Other_short.png b/analyzers/Splunk/assets/Splunk_Search_Other_short.png
new file mode 100644
index 000000000..237fbf5d8
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Other_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Registry_long.png b/analyzers/Splunk/assets/Splunk_Search_Registry_long.png
new file mode 100644
index 000000000..20a066f6c
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Registry_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_Registry_short.png b/analyzers/Splunk/assets/Splunk_Search_Registry_short.png
new file mode 100644
index 000000000..a5a455e96
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_Registry_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_URL_URI_Path_long.png b/analyzers/Splunk/assets/Splunk_Search_URL_URI_Path_long.png
new file mode 100644
index 000000000..dd084231c
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_URL_URI_Path_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_URL_URI_Path_short.png b/analyzers/Splunk/assets/Splunk_Search_URL_URI_Path_short.png
new file mode 100644
index 000000000..8812731a5
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_URL_URI_Path_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_User_Agent_long.png b/analyzers/Splunk/assets/Splunk_Search_User_Agent_long.png
new file mode 100644
index 000000000..1b4c61bef
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_User_Agent_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_User_Agent_short.png b/analyzers/Splunk/assets/Splunk_Search_User_Agent_short.png
new file mode 100644
index 000000000..8c5287e9d
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_User_Agent_short.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_User_long.png b/analyzers/Splunk/assets/Splunk_Search_User_long.png
new file mode 100644
index 000000000..de587b5b5
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_User_long.png differ
diff --git a/analyzers/Splunk/assets/Splunk_Search_User_short.png b/analyzers/Splunk/assets/Splunk_Search_User_short.png
new file mode 100644
index 000000000..fa8241144
Binary files /dev/null and b/analyzers/Splunk/assets/Splunk_Search_User_short.png differ
diff --git a/analyzers/Splunk/assets/splunk_domain_logo.png b/analyzers/Splunk/assets/splunk_domain_logo.png
new file mode 100644
index 000000000..c4f4c4d6c
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_domain_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_file_logo.png b/analyzers/Splunk/assets/splunk_file_logo.png
new file mode 100644
index 000000000..9a5eb79e4
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_file_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_hash_logo.png b/analyzers/Splunk/assets/splunk_hash_logo.png
new file mode 100644
index 000000000..c9d853747
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_hash_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_ip_logo.png b/analyzers/Splunk/assets/splunk_ip_logo.png
new file mode 100644
index 000000000..9274c1d59
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_ip_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_mail_logo.png b/analyzers/Splunk/assets/splunk_mail_logo.png
new file mode 100644
index 000000000..2a744b884
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_mail_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_mail_subject_logo.png b/analyzers/Splunk/assets/splunk_mail_subject_logo.png
new file mode 100644
index 000000000..2ccdb4592
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_mail_subject_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_other_logo.png b/analyzers/Splunk/assets/splunk_other_logo.png
new file mode 100644
index 000000000..db14e5810
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_other_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_registry_logo.png b/analyzers/Splunk/assets/splunk_registry_logo.png
new file mode 100644
index 000000000..b7f7e93dd
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_registry_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_url_logo.png b/analyzers/Splunk/assets/splunk_url_logo.png
new file mode 100644
index 000000000..e09a7124f
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_url_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_user_agent_logo.png b/analyzers/Splunk/assets/splunk_user_agent_logo.png
new file mode 100644
index 000000000..01463cde4
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_user_agent_logo.png differ
diff --git a/analyzers/Splunk/assets/splunk_user_logo.png b/analyzers/Splunk/assets/splunk_user_logo.png
new file mode 100644
index 000000000..eae965512
Binary files /dev/null and b/analyzers/Splunk/assets/splunk_user_logo.png differ
diff --git a/analyzers/Splunk/credits.txt b/analyzers/Splunk/credits.txt
new file mode 100644
index 000000000..377c2982e
--- /dev/null
+++ b/analyzers/Splunk/credits.txt
@@ -0,0 +1,7 @@
+Credits for images:
+
+Icons made by <a href="https://www.flaticon.com/authors/good-ware" title="Good Ware">Good Ware</a> from <a href="https://www.flaticon.com/" title="Flaticon"> www.flaticon.com</a>
+Icons made by <a href="https://www.flaticon.com/authors/smashicons" title="Smashicons">Smashicons</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>
+Icons made by <a href="https://www.flaticon.com/authors/freepik" title="Freepik">Freepik</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>
+Icons made by <a href="https://www.flaticon.com/free-icon/browser_1253392?term=url&page=5&position=43" title="photo3idea_studio">photo3idea_studio</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>
+Icons made by <a href="https://www.flaticon.com/authors/prosymbols" title="Prosymbols">Prosymbols</a> from <a href="https://www.flaticon.com/" title="Flaticon">www.flaticon.com</a>
diff --git a/analyzers/Splunk/splunk.py b/analyzers/Splunk/splunk.py
index 2aebb6dab..b0f02fc9f 100755
--- a/analyzers/Splunk/splunk.py
+++ b/analyzers/Splunk/splunk.py
@@ -23,7 +23,7 @@ def __init__(self):
         self.OWNER = self.getParam('config.owner', None, 'Owner parameter is missing')
         self.APP = self.getParam('config.application', None, 'Application parameter is missing')
         self.SAVEDSEARCHES = self.getParam('config.saved_searches', None, 'At least one Splunk savedsearch name is required')
-        self.EARLIEST = self.getParam('config.earliest_time', "-6mon@mon")
+        self.EARLIEST = self.getParam('config.earliest_time', None)
         self.LATEST = self.getParam('config.latest_time', None)
         self.MAX_COUNT = self.getParam('config.max_count', None)