0 votes
1 view
in Big Data Hadoop & Spark by (55.5k points)

Can anyone tell me how to use Splunk for security?

1 Answer

0 votes
by (119k points)

The following are the six steps to use Splunk for security:

Collection: Collect the basic security logs and machine data.

Normalization: Apply a standard security taxonomy. Add asset and identity data.

Expansion: Collect additional high-fidelity data sources to drive advanced detection of an attack.

Enrichment: Augment security data with intelligence sources for an in-depth understanding of the context and impact of the event.

Automation and Orchestration: Establish a consistent and repeatable security operation capacity.

Advanced Detection: Apply sophisticated detection mechanisms.

If you are looking for an online course to learn Splunk, check out this Splunk Training course by Intellipaat.
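The collection, normalization, enrichment and detection steps listed in the answer can be illustrated outside Splunk with a small pipeline. This is an added example, not part of the original answer and not Splunk code: the log lines, the asset table and the intelligence list are constructed, and the field names `user`, `src`, `dest` and `action` follow the Authentication fields of Splunk's Common Information Model.

```python
import re
from collections import Counter

# Collection: constructed sample events from two sources with different formats.
RAW = [
    ("sshd", "Failed password for admin from 203.0.113.7 port 4022 ssh2 host=web01"),
    ("sshd", "Failed password for admin from 203.0.113.7 port 4023 ssh2 host=web01"),
    ("sshd", "Failed password for root from 203.0.113.7 port 4024 ssh2 host=web01"),
    ("sshd", "Accepted password for alice from 198.51.100.20 port 5000 ssh2 host=web01"),
    ("winsec", "EventCode=4625 Account=bob Source=198.51.100.9 Computer=dc01"),
]
PATTERNS = {
    "sshd": re.compile(r"(?P<result>Failed|Accepted) password for (?P<user>\S+) "
                       r"from (?P<src>\S+) .* host=(?P<dest>\S+)"),
    "winsec": re.compile(r"EventCode=(?P<code>\d+) Account=(?P<user>\S+) "
                         r"Source=(?P<src>\S+) Computer=(?P<dest>\S+)"),
}
ASSETS = {"web01": "low", "dc01": "critical"}  # hypothetical asset inventory
THREAT_INTEL = {"203.0.113.7"}                 # hypothetical intelligence feed

def normalize(source, line):
    """Normalization: map each source's own format onto one shared field set."""
    m = PATTERNS[source].search(line)
    if not m:
        return None  # unparsed events are dropped here; a real pipeline would count them
    f = m.groupdict()
    failed = f.get("result") == "Failed" or f.get("code") == "4625"
    return {"user": f["user"], "src": f["src"], "dest": f["dest"],
            "action": "failure" if failed else "success"}

def enrich(event):
    """Enrichment: add asset priority and intelligence context to the event."""
    event["dest_priority"] = ASSETS.get(event["dest"], "unknown")
    event["src_on_intel_list"] = event["src"] in THREAT_INTEL
    return event

def detect(events, threshold=3):
    """Detection: one rule set over all sources, possible only after normalization."""
    fails = [e for e in events if e["action"] == "failure"]
    counts = Counter(e["src"] for e in fails)
    alerts = {}
    for e in fails:
        hits = [("repeated_failures", counts[e["src"]] >= threshold),
                ("intel_match", e["src_on_intel_list"]),
                ("critical_asset", e["dest_priority"] == "critical")]
        alerts.setdefault(e["src"], set()).update(n for n, ok in hits if ok)
    return {src: sorted(r) for src, r in alerts.items() if r}

def run(raw=RAW):
    events = [enrich(e) for e in (normalize(s, l) for s, l in raw) if e]
    return detect(events)
```

A single failed logon against `dc01` raises an alert only because the asset data marks that host as critical, which is the context the normalization and enrichment steps exist to provide.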
