Splunk Enterprise Security

How to implement an App or Add-on that enables Splunk employees to report security incidents?

FranziskaHodbod
New Member

I would like to integrate an app or add-on into Splunk that enables employees in the company to bring anomalies into the SIEM system through an externalization tool. For example, received phishing emails or openly lying around USB sticks.

What is the best way to implement this? Which App or Add on can you recommend?

Labels (1)
Tags (2)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Perhaps you could integrate your ticketing system with Splunk and have employees submit tickets to report security incidents.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In September, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...