Splunk App for Enterprise Security
The Splunk App for Enterprise Security helps customers identify and address emerging security threats through the use of continuous monitoring, alerting and analytics. Suitable for a small security team or an enterprise security operations center, the app is the primary data interface for the analytics enabled security operation. * Situational awareness dashboards give custom views of risk per domain, asset, or identity * Incident Review provide analysis workflows that reveal the priority of the incident, incident context, and impact on assets and identities * Analysis centers provide indicators of unknown threats from traffic abnormalities * Correlation tools enable monitoring for new attackers by correlating new domain registration with web activity * Statistical outlier detection tools aid anomaly detection * Unified Threat Intelligence from many sources * Data inputs provided for NetFlow, logs, RDBMS, APIs, & more
Splunk App for Citrix CloudBridge
The Splunk for Citrix CloudBridge app provides visibility into the traffic handled by the CloudBridge appliance. CloudBridge generates AppFlow (IPFIX) records that can be consumed and detailed reports generated. The app is intended to highlight the available information and it facilitates customers to adapt it to their needs. The provided set of reports covers the following: Top applications and users WAN latency measurements Citrix ICA detailed reports for XenApp and XenDesktop Compression benefits
Splunk for Cisco Firewalls
This add-on has been DEPRECATED. A new add-on has been released for Cisco firewalls and can be downloaded here -> http://apps.splunk.com/app/1620/ This add-on only collects and extracts data. The add-on does not include visualizations. The Cisco Security Suite contains visualizations for Cisco Firewalls as well as other Cisco security related products. The Cisco Security Suite can be downloaded here -> http://apps.splunk.com/app/525/ ================================================= The Splunk for Cisco Firewalls technology add-on is a collection of inputs, field extractions, and other search-time knowledge that is used to drive reporting and search for data collected from Cisco firewall devices - FWSM, Pix, ASA.