Splunk Enterprise Security

Use case to report on users who are accessing systems or data that is not within their regular usage?

vikkysplunk
Path Finder

Hi All, is any one created Use case to report on users who are accessing systems or data that is not within their regular usage?

Labels (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

That sounds like Splunk UBA (User Behavior Analytics).  See https://www.splunk.com/en_us/software/user-behavior-analytics.html

---
If this reply helps you, Karma would be appreciated.

vikkysplunk
Path Finder

@richgalloway Hi, is there any way we can create the use case for "Use case to report on users who are accessing systems or data that is not within their regular usage profile " in splunk with out using UBA?

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Is there a way?  Probably.  If it was easy, though, Splunk wouldn't have bought UBA.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...