Splunk Enterprise Security

Predefined use cases

praveen_kamble
New Member

Dear Team,

We are planning to use splunk for monitoring (security) purpose as an SIEM service. What i wanted to ask here is "is their any way to find out for the list of already available (predefined) rules, reports and dashboards", like other SIEM.

I heard from many people the use-cases comes as default when we install the log source/device specific apps. For ex: Palo Alto, Symantec DLP, Symantec AV etc.

But how do we differentiate which one comes pre-defined ?

Best Regards
Praveen Kamble

0 Karma

ChrisG
Splunk Employee
Splunk Employee

As Martin says, if you look at Splunk Enterprise Security, you will find a lot of what you are looking for. The User Manual contains information about all the dashboards and key indicators.

martin_mueller
SplunkTrust
SplunkTrust

You'll want to take a look at Splunk Enterprise Security: http://www.splunk.com/en_us/products/premium-solutions/splunk-enterprise-security.html

Comes with lots of predefined rules, reports, and dashboards.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...