Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What features are available in these apps that are not available in the Splunk App for Enterprise Security?

Maheshparsi
Explorer
‎09-07-2015 10:54 PM

Hi All,

I need to know the features that are not available in the Splunk App for Enterprise Security that are available in Cisco Security Suite, McAfee Web Gateway, Splunk for Bluecoat, Splunk for F5 networks.

Can anyone help me in finding this?

Thanks in advance,

Thanks & Regards,
Mahesh P.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mdessus_splunk
Splunk Employee
Splunk Employee
‎09-08-2015 12:08 AM

Hello,

you will find more specific dashboards in apps focused on one kind of device, but it will be easy to import them in ES or add a customized version. Anyway, in a lot of cases, you will need at least TA from Cisco or F5 apps to load and normalize the data.
I think you should ask the question in another way: what are your needs ? If you focus on security and already have a good security maturity, ES does the job. Other wise, try custom apps based on F5 and Cisco apps.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

mdessus_splunk
Splunk Employee
Splunk Employee
‎09-08-2015 12:08 AM

Hello,

you will find more specific dashboards in apps focused on one kind of device, but it will be easy to import them in ES or add a customized version. Anyway, in a lot of cases, you will need at least TA from Cisco or F5 apps to load and normalize the data.
I think you should ask the question in another way: what are your needs ? If you focus on security and already have a good security maturity, ES does the job. Other wise, try custom apps based on F5 and Cisco apps.

0 Karma
Reply
Solved! Jump to solution

Maheshparsi
Explorer
‎09-08-2015 12:36 AM

Hi mdessus,

We have a requirement, where in our client is already using Enterprise Security app in splunk. Our client require new features that are not available in Enterprise Security app. so that is why I need to know the features. Features means not in terms of capability.
For suppose, we have Threat Security dashboards in Enterprise Security app, In Cisco security Suite we have Firewall related dashboards.In same way there will be some different features between Enterprise Security app and Cisco Security Suite,McAfee Web Gateway,Splunk for Bluecoat,Splunk for F5 networks.

Thanks in advance,

Mahesh P.

0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...

Observability | Use Synthetic Monitoring for Website Metadata Verification

If you are on Splunk Observability Cloud, you may already have Synthetic Monitoringin your observability ...

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...