Splunk Enterprise Security

Can I create out of box use cases from Splunk CIM data models ?

jm1
New Member

Is it possible to use data models from Common Information Model to use cases in splunk, if so, how can we do that 

Tags (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Yes, it is possible.  That is a big part of what makes Enterprise Security work.  You can examine existing correlation searches to see how they use datamodels for various use cases.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud | Unified Identity - Now Available for Existing Splunk ...

Raise your hand if you’ve already forgotten your username or password when logging into an account. (We can’t ...

Index This | How many sides does a circle have?

February 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...