Splunk Enterprise Security

DLP endpoint logs vs. Enterprise Security


Hi there,

We are receiving logs from a Data Loss Prevention (DLP) system about what users access, etc and we want to analyze it with Enterprise Security. (Semi) Out-of-the-box solutions preferred.
I found a DLP Data model, but couldn't find any dashboard, etc. which uses it for any correlations. Also, ES Content Updates App doesn't provide use cases for DLP Data model.

So does anybody have an experience on this topic, what should I do with this logs?


0 Karma
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...