Splunk App for Enterprise Security
A single solution to detect known threats and look for unknown threats through analysis of massive volumes of activity data. Splunk App for Enterprise Security is a scalable security intelligence platform with the flexibility to make tens of terabytes of data per day security relevant through comprehensive analysis capabilities that breaks down organizational data silos and data collection issues. * Situational awareness dashboards give custom views of risk per domain, asset, or identity * Incident Review provide analysis workflows that reveal the priority of the incident, incident context, and impact on assets and identities * Analysis centers provide indicators of unknown threats from traffic abnormalities * Correlation tools enable monitoring for new attackers by correlating new domain registration with web activity * Statistical outlier detection tools aid anomaly detection * Unified Threat Intelligence from many sources * Data inputs provided for NetFlow, logs, RDBMS, APIs, & more
NMON Performance Monitor for Unix and Linux Systems
NMON stands for Nigel's Performance Monitor and is available on AIX, Solaris (With Sarmon), Linux and ARM Systems. This great System Performance tool associated with Splunk power provides an Enterprise class Application to automatically collact and/or exploit NMON data ouf of the box. NMON Splunk App is designed to massively collect, convert, index and analyse NMON Metrics Data. Data collect can be done on standalone or indexers, and also with Splunk forwarders which makes the App fully compatible with Splunk distributed architecture. Splunk for NMON does global Analysis per Host, Analysis per type of metric (CPU usage, Memory, I/O...), Predictive and Comparison Analysis for both AIX, Solaris and Linux OS. Specific IBM Power Systems metrics such as Micro-Partitions and Pools CPU utilization are supported and exploited in provided interfaces. Feedback, comments and rating the App will be greatly appreciated.
Splunk DB Connect
Real-time integration between Splunk Enterprise and relational databases--now with improved access control and support for IBM DB2 and SAP Sybase. Splunk DB Connect delivers reliable, scalable, real-time integration between Splunk Enterprise and relational databases. Integrate structured data from relational databases with data in Splunk Enterprise to drive deeper levels of analysis and operational intelligence.