Splunk App for Enterprise Security
A single solution to detect known threats and look for unknown threats through analysis of massive volumes of activity data.
Splunk Common Information Model
The Common Information Model is a set of field names and tags that are expected to define the least common denominator of a domain of interest. It is implemented as documentation on the Splunk docs website and as JSON data model files in this add-on. Use the CIM add-on when modeling data or building apps to ensure compatibility between apps, or simply to take advantage of these data models to pivot and report.
Sideview Utils (LGPL)
Sideview Utils provides new and easier-to-use modules for the Splunk UI. You can mix and match these new modules with the core UI modules that ship with Splunk. As you start using the new modules in your Splunk views, your views will become much simpler to create and maintain (and even a little more powerful). Over time as you upgrade to the new modules and new techniques, you'll find that many of the parts of the Splunk UI that were the hardest to use are simply gone,