Splunk Tech Talks
Deep-dives for technical practitioners.

Intelligence Management with Splunk + TruSTAR

melissap
Splunk Employee
Splunk Employee

View our Tech Talk: Security Edition, Intelligence Management with Splunk + TruSTAR

Manual vetting and data from multiple sources cause analysts to waste much of their time data wrangling, taking time away from alerts that matter the most. Analysts need the ability to normalize and enrich multiple data sources for an objective view of security events. 

The TruSTAR Unified App for Splunk Enterprise and Enterprise Security helps security professionals analyze notable events and leverage intelligence to quickly understand threat context and prioritize and accelerate triage. 

Tune in to learn how to:

  • Customize data ingest preferences using TruSTAR Indicator Prioritization Intel Workflows
  • Automatically download observables into Splunk KV stores
  • Enrich and prioritize notable events in Splunk Enterprise Security 
Get Updates on the Splunk Community!

BSides Splunk 2022 - The Call for Papers is now Open!

TLDR; Main Site: https://bsidessplunk.com CFP Site: https://bsidessplunk.com/cfp CFP Opens: December 15th, ...

Sending Metrics to Splunk Enterprise With the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...

What's New in Splunk Cloud Platform 9.0.2208?!

Howdy!  We are happy to share the newest updates in Splunk Cloud Platform 9.0.2208! Analysts can benefit ...