Splunk App for Enterprise Security
A single solution to detect known threats and look for unknown threats through analysis of massive volumes of activity data. Splunk App for Enterprise Security is a scalable security intelligence platform with the flexibility to make tens of terabytes of data per day security relevant through comprehensive analysis capabilities that breaks down organizational data silos and data collection issues. * Situational awareness dashboards give custom views of risk per domain, asset, or identity * Incident Review provide analysis workflows that reveal the priority of the incident, incident context, and impact on assets and identities * Analysis centers provide indicators of unknown threats from traffic abnormalities * Correlation tools enable monitoring for new attackers by correlating new domain registration with web activity * Statistical outlier detection tools aid anomaly detection * Unified Threat Intelligence from many sources * Data inputs provided for NetFlow, logs, RDBMS, APIs, & more
Splunk Add-on for Check Point OPSEC LEA Solaris
The Splunk Add-on for Check Point OPSEC LEA gives you an easy-to-use way to collect and analyze log data from Check Point R70, R75.10, R75.4, R76 and R77 platforms. Features: * Facilitates near-real-time log data analysis to help detect anomalous behavior and maintain regulatory standards compliance. * Includes a UI to simplify Check Point data collection configuration. * Monitors firewall administrative activity. * Encapsulates data collection from multiple firewalls in a single technology add-on instance.
Splunk 5.x App for Microsoft Windows
The Splunk App for Microsoft Windows ONLY works on Splunk 5.x systems. For similar functionality on Splunk 6 and later editions, please use the Splunk App for Windows Infrastructure: http://apps.splunk.com/app/1680/ The Splunk App for Windows provides examples of pre-built data inputs, searches, reports, alerts, and dashboards for Windows server and desktop management. You can monitor, manage, and troubleshoot Windows operating systems from one place. Included are scripted inputs for CPU, disk, I/O, memory, log, configuration, and user data, plus a web-based setup UI for indexing Windows Events Logs.