Solved: Savvius for Splunk Dashboards and TA Savvius (nix ...

diogofgm · ‎06-02-2016

Is there anything in savvius app / ta roadmap to make them CIM compliant?

------------
Hope I was able to help you. If so, some karma would be appreciated.

therabbit · ‎06-02-2016

Yes, we are planning to update the Savvius for Splunk Dashboards and make them CIM compliant. To be specific, this will require an update to just the app, not the TA's. The TA's will still send the data to Splunk in the same format, and the app will map (or transform) that data into the CIM format. That is a good thing, requiring no update to existing Savvius Insight or Omnipliance deployments that are sending data to Splunk, The main advantage of this will be that users of the Splunk for Security App will be able to see Savvius network analysis in their existing dashboards.

View solution in original post

therabbit · ‎06-02-2016

Yes, we are planning to update the Savvius for Splunk Dashboards and make them CIM compliant. To be specific, this will require an update to just the app, not the TA's. The TA's will still send the data to Splunk in the same format, and the app will map (or transform) that data into the CIM format. That is a good thing, requiring no update to existing Savvius Insight or Omnipliance deployments that are sending data to Splunk, The main advantage of this will be that users of the Splunk for Security App will be able to see Savvius network analysis in their existing dashboards.

Savvius for Splunk Dashboards and TA Savvius (nix and win): Is there any plan on the roadmap to make these CIM compliant?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases