Splunk® Security Essentials

Use Splunk Security Essentials

This documentation does not apply to the most recent version of Splunk® Security Essentials. For documentation on the most recent version, go to the latest release.

Understand the data sources used in Splunk Security Essentials with the Data Source On-boarding Guides

Use the Data Source On-boarding Guides as a method to improve standardization in on-boarding data. The Data Source On-boarding Guides page includes a list of the Data Sources that are commonly used in Splunk Security Essentials, along with some of the common products for each. In this list, many of the products have guides that show you how to configure the products in your environment to send the logs required to fire security detections. To view these guides, follow these steps:

  1. In Splunk Security Essentials, navigate to Data > Data Source On-boarding Guides.
  2. Click the data source you are interested in to see more information and the associated guides.
Last modified on 06 January, 2021
Check data sources with the Data Source Check dashboard  

This documentation applies to the following versions of Splunk® Security Essentials: 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.4.0, 3.5.0, 3.5.1, 3.6.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters