Congratulations! Your organization has had the foresight to purchase Splunk’s Enterprise Security along with expert Professional Services to assure a successful implementation. This guide will serve as a checklist to help ensure you are prepared for the most successful ES deployment possible.
Splunk Attack Range allows you to create vulnerable local or cloud environments, to simulate attacks and collect the data Into Splunk. In this on-demand video Bill Ouellette (Principal Splunk Security Engineer) will provide a Step by Step Guide on setting up the “Attack Range Framework” within your Splunk test instance.
Making data CIM compliant can be a daunting and confusing exercise for new Splunkers and experienced ones alike. Often the biggest misconceptions have to do with the approach rather than the exercise itself. My biggest piece of advice – start with the end in mind.
During your SIEM journey there will be many terms thrown your way, understanding those terms is absolutely essential when it comes to your security environment. In this article, we will bring clarity to one of the more important terms in SIEM, CIM (Common Information Model) Lets Start with the Basics!
In this post, we’ll review some frequently asked questions concerning the Splunk Common Information Model, or Splunk CIM.