Expanse Edge Expander's Technical Add-on for Splunk allows you to consume and access Edge Expander alerts and data through Splunk. You can configure your own Edge Expander data as a Splunk data input, configure the add-on to use a proxy, search your Edge Expander data through the Splunk UI using Splunk data queries, and more.
This allows you to:
- Easily query commonly used SIEM
- Centralize alerting
- Have a single source of truth for security-related data
- Correlate Edge Expander vulnerabilities to internal events tracked in Splunk
- Create custom reporting, dashboards, and visualizations
- Gain context for IPs and exposures observed on your network perimeter