Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Predefined use cases

praveen_kamble
New Member
‎10-10-2015 04:20 AM

Dear Team,

We are planning to use splunk for monitoring (security) purpose as an SIEM service. What i wanted to ask here is "is their any way to find out for the list of already available (predefined) rules, reports and dashboards", like other SIEM.

I heard from many people the use-cases comes as default when we install the log source/device specific apps. For ex: Palo Alto, Symantec DLP, Symantec AV etc.

But how do we differentiate which one comes pre-defined ?

Best Regards
Praveen Kamble

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎10-10-2015 09:53 AM

As Martin says, if you look at Splunk Enterprise Security, you will find a lot of what you are looking for. The User Manual contains information about all the dashboards and key indicators.

Reply

martin_mueller
SplunkTrust
SplunkTrust
‎10-10-2015 04:48 AM

You'll want to take a look at Splunk Enterprise Security: http://www.splunk.com/en_us/products/premium-solutions/splunk-enterprise-security.html

Comes with lots of predefined rules, reports, and dashboards.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Platform | Upgrading your Splunk Deployment to Python 3.9

Splunk initially announced the removal of Python 2 during the release of Splunk Enterprise 8.0.0, aiming to ...

From Product Design to User Insights: Boosting App Developer Identity on Splunkbase

co-authored by Yiyun Zhu & Dan Hosaka Engaging with the Community at .conf24 At .conf24, we revitalized the ...

Detect and Resolve Issues in a Kubernetes Environment

We’ve gone through common problems one can encounter in a Kubernetes environment, their impacts, and the ...