Splunk Enterprise Security

GPTKB entity

Statements (48)
Predicate Object
gptkbp:instanceOf security information and event management software
gptkbp:category gptkb:security
    SIEM
gptkbp:deployment gptkb:cloud_service
    on-premises
gptkbp:developedBy gptkb:Splunk_Inc.
gptkbp:documentation https://docs.splunk.com/Documentation/ES
gptkbp:feature advanced analytics
    compliance reporting
    incident response
    threat detection
    data model acceleration
    dashboard visualizations
    customizable alerts
    integration with third-party security tools
    asset and identity framework
    correlation searches
    integration with Splunk SOAR
    integration with threat intelligence
    investigation workflows
    notable events
    real-time security monitoring
    risk-based alerting
    support for MITRE ATT&CK framework
gptkbp:firstReleased 2012
https://www.w3.org/2000/01/rdf-schema#label Splunk Enterprise Security
gptkbp:latestReleaseVersion 2024
    7.2.0
gptkbp:license proprietary
gptkbp:operatingSystem gptkb:Windows
    gptkb:Linux
gptkbp:platform gptkb:Splunk_platform
gptkbp:supports gptkb:REST_API
    gptkb:machine_learning
    role-based access control
    data enrichment
    multi-tenancy
    compliance standards (PCI DSS, HIPAA, etc.)
    custom apps and add-ons
    data ingestion from multiple sources
gptkbp:usedFor gptkb:security
    forensics
    log management
    compliance management
    threat hunting
gptkbp:website https://www.splunk.com/en_us/software/enterprise-security.html
gptkbp:bfsParent gptkb:Splunk_Security
gptkbp:bfsLayer 7