All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Tealeaf and Splunk

hconsidine
Engager
‎12-17-2013 07:45 AM

Hi we are just starting a Proof of concept with Splunk so appreciate that I am totally new. We are looking to do some Splunk with Tealeaf data. Specifically, event data. We are having challenges Tealeaf's CEP (Complex Event Processing) to generate the file. Has anyone done this or have any advice? Thanks!

Tags (1)
Reply

gesman
Communicator
‎10-17-2014 08:28 AM

I currently using TeaLeaf data exports into Splunk mostly for Fraud investigation and security analytics purposes for big financial brokerage and banking client.

We setup regular hourly and daily cxConnect log data exports into Splunk and I also built a set of customized Splunk dashboards allowing to run very quick drilldown views, such as:

"show me all accounts there were accessed by this group of IP addresses" or:

"alert me when multiple accounts were accessed by the same IP / User Agent combo".

Above queries is not something TeaLeaf is capable of and so Splunk comes really handy as a custom security investigation dashboard solution.

I plan to write a detailed blog about possibilities of combining TeaLeaf with Splunk. If anyone is really interested in that - I can make it happen faster so more people will be able to share and benefit from this technology.

Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...