Splunk 是一個廣泛用於搜尋、監控和分析機器產生的大數據的軟體平台,例如日誌、事件資料以及其他形式的結構化和非結構化資料。 它旨在幫助組織即時獲得對其數據的寶貴見解,使他們能夠做出明智的決策、識別趨勢、解決問題、檢測異常並優化各個領域的性能。
Splunk 的主要功能包括:資料收集、索引和搜尋、即時監控、視覺化和報告、警報和關聯、安全性和合規性、機器學習。
顯示所有 2 筆結果
This Splunk enhancement add-on pack provides additional normalization and CIM mapping to the original apps. Those enhancements are based on best practices and therefore can enhance Splunk detection ratio and more effective investigation for SOC team.
This Splunk Security Detection Correlation Rule and Dashboard pack contain Splunk correlation rule and dashboard developed by our team. All the correlation rules are not overlapped with Splunk Enterprise Security, Splunk Security Essentials, and Splunk ES Content Update.