The SafeBreach Add-on for Splunk allows users to collect data from SafeBreach platform, either via API or the Syslog CEF outbound integration. The SafeBreach Add-on for Splunk collects simulation results and audit logs, then transforms and saves the data in CIM-compatible fields. The saved data can be consumed by running searches and creating manual correlations for the simulation results, or using the SafeBreach App for Splunk Enterprise, which provides dashboards for visual representation of the data. In addition, SafeBreach Insights can be fetched via API for later visualization of the security gaps discovered by SafeBreach simulations, as well as for generation of Notable events per SafeBreach Insight that can be consumed in Splunk ES application.