Alerting

Does Splunk have any documentation that shows some pre-created rules?

frideke2022
New Member
I would like to know if Splunk has any documentation that shows some pre-created rules, like those of elastic for example.

Below is the reference:

https://www.elastic.co/guide/en/security/current/prebuilt-rules.html.

I want to create some rules for firewall, antivirus and office 365.

Thanks

 

Labels (1)
Tags (2)
0 Karma

PickleRick
Ultra Champion

https://github.com/splunk/security_content

You might also want to check out the Security Essentials app - https://splunkbase.splunk.com/app/3435/

0 Karma
Get Updates on the Splunk Community!

Introducing Ingest Actions: Filter, Mask, Route, Repeat

WATCH NOW Ingest Actions (IA) is the best new way to easily filter, mask and route your data in Splunk® ...

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...