Splunk Enterprise Security

How does Splunk Enterprise Security work?

neermine
Path Finder

hello

I want to understand the concept of how Splunk security works.
I think that it has a database of signatures of threat and when we enter the logs, it does the pattern matching. Is that right?

0 Karma
1 Solution

David
Splunk Employee
Splunk Employee

Hi neermine,

Splunk is a platform for analyzing machine generated data of all kinds from server logs to even metadata about network communications. The analysis can include simple pattern matching, behavioral analytics (spikes and newness), machine learning, and more.

To get a good sense, I'd recommend you walk through some of our examples that show how Splunk works with Security including:

If you ever need more, don't hesitate to reach out to our sales org for help.

View solution in original post

David
Splunk Employee
Splunk Employee

Hi neermine,

Splunk is a platform for analyzing machine generated data of all kinds from server logs to even metadata about network communications. The analysis can include simple pattern matching, behavioral analytics (spikes and newness), machine learning, and more.

To get a good sense, I'd recommend you walk through some of our examples that show how Splunk works with Security including:

If you ever need more, don't hesitate to reach out to our sales org for help.

neermine
Path Finder

thanks 🙂

markdennett
New Member

Hi,

Can you tell me if this uses machine learning decision tree techniques specifically? Thanks

0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...