/awesome-es

A collection of awesome resources for Splunk Enterprise Security

Creative Commons Zero v1.0 Universal (CC0-1.0)

Awesome ES

A curated list of awesome resources for Splunk Enterprise Security.

Contents

Basics

Resources for getting started with Splunk Enterprise Security.

Education and Training

Professional Services

Need to get the experts involved in an Enterprise Security implementation, or seeking guidance?

Risk Based Alerting

  • RBA All Day - Reduce noise by using a Risk Based approach to notable event generation.
    • SA-RBA - Solution AddOn for ES, adds custom visualisations and correlation searches for RBA.
    • Phantom RBA - Phantom functions for RBA investigations and enrichment.

SOAR Integration

Threat Intelligence

.Conf Presentations

Selected .conf presentations related to various aspects of Splunk Enterprise Security.

Contribute

Contributions welcome! Read the contribution guidelines first.

License

CC0

To the extent possible under law, Simon Duff has waived all copyright and related or neighbouring rights to this work.