Splunk is software for hosting large data sets and computer-generated log messages (audit records, audit trails, event logs, etc.) and for performing searches, monitoring, analysis, and other activities through its web interface. Data in Splunk can be indexed, correlated with other data, and used to generate dashboards, reports, alerts, and other visualizations.
Splunk Enterprise Security is a security information and event management (SIEM) solution that enables these functions on data from security technologies (e.g., identity information, endpoint, etc.).
Bitsight integrates with Splunk Enterprise and Splunk Enterprise Security! The integration is available at no cost in Splunkbase, the home for all Splunk apps and add-ons built by Splunk and other vendors.
The integration has two key components:
Frequently Asked Questions
Can I run the add-on on demand or manually?
To run the add-on manually, disable and then enable a defined input. The add-on then runs immediately with the defined settings.
How can I access the pre-built Bitsight panels and alerts?
From the Bitsight add-on, go to Settings ➔ User Interfaces ➔ Prebuilt panels.
- October 25, 2021: Separated sections to their own pages.
- July 10, 2020: Published.