Security

Creating AWS security hub custom insights in Splunk

mabaqui
Observer

Hi,

I have been using Splunk actively for three months. I have created custom insights in AWS security hub to monitor continuous compliance tasks. But, these are not setup to send alerts when there is a change in the number of failed resources. I understand it is possible to create these AWS insights in Splunk, and setup alerts when there is a change. How is this done? I imagine these would be standard searches that anyone can use.

0 Karma
Get Updates on the Splunk Community!

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

When you think of Boston, you might picture colonial charm, world-class universities, or even the crack of a ...