Splunk Enterprise Security

Use case to report on users who are accessing systems or data that is not within their regular usage?

vikkysplunk
Explorer

Hi All, is any one created Use case to report on users who are accessing systems or data that is not within their regular usage?

Labels (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

That sounds like Splunk UBA (User Behavior Analytics).  See https://www.splunk.com/en_us/software/user-behavior-analytics.html

---
If this reply helps you, an upvote would be appreciated.

vikkysplunk
Explorer

@richgalloway Hi, is there any way we can create the use case for "Use case to report on users who are accessing systems or data that is not within their regular usage profile " in splunk with out using UBA?

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Is there a way?  Probably.  If it was easy, though, Splunk wouldn't have bought UBA.

---
If this reply helps you, an upvote would be appreciated.
0 Karma
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!