Threat Intelligence Security Center for Splunk

Splunk Community
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Threat Intelligence Security Center for Splunk

Threat Intelligence Security Center for Splunk
The Threat Intelligence Security Center for Splunk with the ServiceNow integration provides an efficient way to enrich security operations by automating the retrieval, storage, and analysis of observables. Users can configure the interval at which they want to pull observables from the connected ServiceNow instance. This interval determines how frequently the system will make requests to ServiceNow to retrieve the observables data. Users can define and apply filters to specify which observables they want to pull from the ServiceNow instance. Once the observables are pulled from ServiceNow, they are stored in Splunk’s KV Store (Key-Value Store) and users can write correlation rules over the set of observables which were pulled in.
Ask a Question View in Splunkbase
0 topics and 0 replies mentioned Threat Intelligence Security Center for Splunk in
Latest Topics
No posts to display.
Latest Replies
No posts to display.
Top Topics
No posts to display.
My Topics
No posts to display.