Splunk

Splunk SOAR Feature Video: Contextual Action Launch

Jul 27, 2021 By Splunk In Splunk

Splunk SOAR apps have a parameter for action inputs and outputs called "contains". These are used to enable contextual actions in the Splunk SOAR user interface. A common example is the contains type "ip". This is a powerful feature that the platform provides, as it allows the user to chain the output of one action as input to another.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Contextual Action Launch

Splunk SOAR Feature Video: Investigation Command Line

Jul 27, 2021 By Splunk In Splunk

When you're on the Splunk SOAR investigation page, there are several ways to run actions. One of the easiest ones is to use the command line, down where you would write comments in the event. If you start off with a slash (/) you get prompting for the action you would like to choose.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Investigation Command Line

Splunk SOAR Feature Video: Create a Manual Event

Jul 27, 2021 By Splunk In Splunk

If you haven’t done anything on your Splunk SOAR instance yet you'll see zeros across the top in what we call the ROI summary. So how do you get started creating events in Splunk SOAR?

View Video

Splunk

Read more about Splunk SOAR Feature Video: Create a Manual Event

Splunk SOAR Feature Video: Configure Third Party Tools

Jul 27, 2021 By Splunk In Splunk

To get started in Splunk SOAR, you will need to configure an asset. Assets are the security and infrastructure assets that you integrate with the Splunk SOAR platform, like firewalls and endpoint products. Splunk SOAR connects to these assets through apps. Apps extend the platform by integrating third-party security products and tools.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Configure Third Party Tools

Splunk SOAR Feature Video: Install/Update Apps

Jul 27, 2021 By Splunk In Splunk

A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. We currently offer more than 350 premade apps that are accessible right now.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Install/Update Apps

Detecting SeriousSAM CVE-2021-36934 With Splunk

Jul 27, 2021 By Splunk Threat Research Team In Splunk

SeriousSAM or CVE-2021-36934 is a Privilege Escalation Vulnerability, which allows overly permissive Access Control Lists (ACLs) that provide low privileged users read access to privileged system files including the Security Accounts Manager (SAM) database. The SAM database stores users' encrypted passwords in a Windows system. According to the Microsoft advisory, this issue affects Windows 10 1809 and above as well as certain versions of Server 2019.

Read Post

Splunk

Read more about Detecting SeriousSAM CVE-2021-36934 With Splunk

Onboarding Data in Splunk Security Analytics for AWS

Jul 26, 2021 By Splunk In Splunk

Splunk Security Analytics for AWS’ new data onboarding wizard quickly takes you from subscribing to the service to visualizing your AWS environment. We’ll walk through the wizard in this video, and you’ll see how the new process can save you hours, days or even weeks when compared to traditional data onboarding processes.

View Video

Splunk

Read more about Onboarding Data in Splunk Security Analytics for AWS

With Splunk Synthetic Monitoring, proactively find and fix your user experience issues

Jul 23, 2021 By Splunk In Splunk

Trend, visualize, and improve performance of all your page resources and third party dependencies. Detect and resolve issues faster across your critical user flows, business transactions and API endpoints using Splunk Synthetic Monitoring.

View Video

Splunk

Read more about With Splunk Synthetic Monitoring, proactively find and fix your user experience issues

Go beyond basic uptime and performance monitoring with Splunk Synthetic Monitoring

Jul 23, 2021 By Splunk In Splunk

Measure API and service uptime alongside the health of backend services and underlying infrastructure. Detect, communicate and resolve issues faster with Splunk Synthetic Monitoring to deliver better user-experiences.

View Video

Splunk

Read more about Go beyond basic uptime and performance monitoring with Splunk Synthetic Monitoring

Get Started with Splunk for Security: Splunk Security Essentials

Jul 23, 2021 By Amy Heng In Splunk

Continuing to ride the waves of Summer of Security and the launch of Splunk Security Cloud, Splunk Security Essentials is now part of the Splunk security portfolio and fully supported with an active Splunk Cloud or Splunk Enterprise license. No matter how you choose to deploy Splunk, you can apply prescriptive guidance and deploy pre-built detections from Splunk Security Essentials to Splunk Enterprise, Splunk Cloud Platform, Splunk SIEM and Splunk SOAR solutions.

Read Post

Splunk

Read more about Get Started with Splunk for Security: Splunk Security Essentials

Subscribe to Splunk

Operations | Monitoring | ITSM | DevOps | Cloud

Splunk

Splunk SOAR Feature Video: Contextual Action Launch

Splunk SOAR Feature Video: Investigation Command Line

Splunk SOAR Feature Video: Create a Manual Event

Splunk SOAR Feature Video: Configure Third Party Tools

Splunk SOAR Feature Video: Install/Update Apps

Detecting SeriousSAM CVE-2021-36934 With Splunk

Onboarding Data in Splunk Security Analytics for AWS

With Splunk Synthetic Monitoring, proactively find and fix your user experience issues

Go beyond basic uptime and performance monitoring with Splunk Synthetic Monitoring

Get Started with Splunk for Security: Splunk Security Essentials

Monthly Archive

Follow Us