ALTIA-CSIRT Splunk is an application that automates the deployment of a specialized set of security alerts focused on protecting the Splunk platform itself. It provides continuous monitoring of authentication events, configuration changes, privilege escalations, and anomalous activities within the Splunk environment. By enabling rapid detection of potential misuse or compromise of the SIEM infrastructure, this solution safeguards the integrity, availability, and confidentiality of the organization’s core security analytics platform, reinforcing trust in Splunk as the backbone of security operations.