I would like to know if Splunk has any documentation that shows some pre-created rules, like those of Elastic, for example.
Below is the reference:
https://www.elastic.co/guide/en/security/current/prebuilt-rules.html
I want to create some rules for firewall, antivirus and Office 365.
Thanks
https://github.com/splunk/security_content
You might also want to check out the Security Essentials app - https://splunkbase.splunk.com/app/3435/