Splunk App for Enterprise Security
The Splunk App for Enterprise Security helps customers identify and address emerging security threats through the use of continuous monitoring, alerting and analytics. Suitable for a small security team or an enterprise security operations center, the app is the primary data interface for the analytics-enabled security operation.
* Situational awareness dashboards give custom views of risk per domain, asset, or identity
* Incident Review provides analysis workflows that reveal the priority of the incident, incident context, and impact on assets and identities
* Analysis centers provide indicators of unknown threats from traffic abnormalities
* Correlation tools enable monitoring for new attackers by correlating new domain registration with web activity
* Statistical outlier detection tools aid anomaly detection
* Unified Threat Intelligence from many sources
* Data inputs provided for NetFlow, logs, RDBMS, APIs, & more
Automatic Simple XML Dashboard
This Java add-on takes a properly formatted CSV file containing the minimum information needed for a timechart panel and generates a complete Splunk Simple XML dashboard from it. Its main use is rapid prototyping: placing several values on the same screen so that their behavior over time can be compared quickly. An example input CSV file is in the lookups directory for this add-on. It is hoped that you will write your own input CSV file.

title, index, sourcetype, field, avg_count, line_column_area, earliest, latest
Average bytes,_internal,splunkd_access,bytes,avg,line,-24h,now

Usage: java -cp GenerateDashboard input.csv label .xml

Example: java -cp lib GenerateDashboard lookups/compare.csv label "My Test Dashboard" mydashboard.xml

Read the README.txt for more information.
Google Maps for Splunk adds a geo-visualization module based on the Google Maps API and allows you to quickly plot geographical information on a map. Furthermore, maps can be embedded in advanced dashboards.