I was wondering if anyone could offer a newcomer to the tech industry some answers about Splunk?! I'm trying to compare SIEMs on the market to Splunk but can't find enough data relating to some of Splunk's features. So if anyone could offer any assistance on any question, it would be much appreciated.
Explain Splunk's log correlation in layman's terms
What is the Underlying DB?
Is there Network Forensics? Network Behavioral Analysis?
Splunk's response & actions? Is it automated?
The way the SIEM transmits events - e.g. events from the source are sent in clear text?
How does Splunk handle EPS Bursts?
What is their filtering operation?
Log Aggregation solution?
Out-of-the-box use cases?
Is there any case management?
Type of GUI?
Pattern Discovery?
Is there Identity monitoring?
It's a hefty list so if anyone could answer anything, their time would be appreciated.