Splunk® InfoSec App

User Guide

Set up controls using the InfoSec app for Splunk

Use the Compliance dashboard for visibility into controls that are often required under different compliance frameworks. The Compliance dashboard provides reports that are mapped to common compliance and security frameworks like NIST, PCI, ISO, NERC, and HIPAA. These reports utilize authentication, network, and malware data that are already used within the InfoSec App for Splunk.

You can edit and customize this dashboard based on your requirements. If you perform regular audits, you might want to add the searches that you use to respond to the audits to this dashboard.

The Compliance dashboard does not cover all aspects of information security compliance. Use this dashboard as an introduction into how you can use the Splunk platform to address compliance requirements.

Use the Compliance dashboard for the following processes:

  • Actively manage the life cycle of system and application accounts, including their creation, use, dormancy, and deletion, to minimize opportunities for attackers
  • Detect, prevent, and correct the flow of security information in networks of different trust levels
  • Control the installation, spread, and implementation of malicious code at multiple points in the Splunk Platform
  • Optimize automating the rapid update of defense, data gathering, and corrective actions
Last modified on 25 February, 2021
Investigate behaviors using the InfoSec app for Splunk   Display high level security metrics using the InfoSec app for Splunk

This documentation applies to the following versions of Splunk® InfoSec App: 1.6.4, 1.7.0

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters