Splunk Tech Talks
Deep-dives for technical practitioners.

There's No Place Like Chrome and the Splunk Platform

WhitneySink
Splunk Employee
Splunk Employee

 

Malware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to access corporate resources. This usage explosion has brought browser security front and center. Google Chrome is one of the largest browsers and includes several security controls. Now, Chrome and Splunk are partnering to enhance browser security. Join this tech talk to see an overview and demo of a joint solution that delivers security use case visibility and uses the Splunk platform to automate Google Chrome control response.

Key Takeaways:

  • Dangers of malware, extensions, and data exfiltration
  • Why it’s important to protect your organization against these threats
  • How to use the end to end solution

Screenshot 2023-09-26 at 1.23.51 PM.png

WhitneySink
Splunk Employee
Splunk Employee

How to Get Started with Google Chrome Add-On for Splunk

Navigate over to Splunkbase to install the Google Chrome Add-on for Splunk and Google Chrome App for Splunk. If you need helping getting started, take a look at our resources below:

Eradicate the risks that come from risky browser behavior and make your enterprise more resilient by installing the Google Chrome Add-on for Splunk and the Google Chrome App for Splunk today!  

WhitneySink
Splunk Employee
Splunk Employee

You have questions, we have answers!

Here are the questions and answers from our Tech Talk:

 

Q: What products do I need for this?

A: Splunk Core (version 8.2.x and above) and Chrome Browser Cloud Management

 

Q: Do I need to have Splunk Enterprise Security?

A: Splunk Enterprise Security is not required. All events are CIM tagged so any Splunk Enterprise Security content built on the data models that an event is tagged to will populate with the tagged event.

 

Q: Where can I find this app?  Will it be Splunk supported?

A: In Splunkbase. The chrome add-on and app are built by "Splunk Works", Splunk Field Solutions (internal Splunk teams). They don't carry the official Splunk SLAs but there is an internal team that actively works on it, bug fixes and enhancements. 

 

Q: Per splunkbase, this app is not supported by Splunk.  Safe to assume it is?

A: ^Same answer as above.

 

Q: Will there be automatic updates of the add-on for users, so that new security issues are continually being protected against?

A: Yes. We will monitor the list of chrome events that are being released by Google Chrome team and build new use cases or enhance existing ones within Splunk.

 

Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...