Splunk Enterprise Security

Predefined use cases

praveen_kamble
New Member

Dear Team,

We are planning to use splunk for monitoring (security) purpose as an SIEM service. What i wanted to ask here is "is their any way to find out for the list of already available (predefined) rules, reports and dashboards", like other SIEM.

I heard from many people the use-cases comes as default when we install the log source/device specific apps. For ex: Palo Alto, Symantec DLP, Symantec AV etc.

But how do we differentiate which one comes pre-defined ?

Best Regards
Praveen Kamble

0 Karma

ChrisG
Splunk Employee
Splunk Employee

As Martin says, if you look at Splunk Enterprise Security, you will find a lot of what you are looking for. The User Manual contains information about all the dashboards and key indicators.

martin_mueller
SplunkTrust
SplunkTrust

You'll want to take a look at Splunk Enterprise Security: http://www.splunk.com/en_us/products/premium-solutions/splunk-enterprise-security.html

Comes with lots of predefined rules, reports, and dashboards.

0 Karma
Get Updates on the Splunk Community!

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...

We’ve streamlined the troubleshooting experience for database-related service issues by adding a database ...

IM Landing Page Filter - Now Available

We’ve added the capability for you to filter across the summary details on the main Infrastructure Monitoring ...

Dynamic Links from Alerts to IM Navigators - New in Observability Cloud

Splunk continues to improve the troubleshooting experience in Observability Cloud with this latest enhancement ...