A curated list of awesome resources for Splunk Enterprise Security.
- Basics
- Education and Training
- Professional Services
- SOAR Integration
- Threat Intelligence
- .Conf Presentations
Resources for getting started with Splunk Enterprise Security.
- Splunk Website
- Downloads
- Previous Releases
- Awesome Splunk - A curated list of awesome Splunk resources.
- Splunk Enterprise Security Homepage
- Downloads - Download page for licensed users.
- Documentation
- ES Splunk Blog Posts
- Splunk ES Content Update - Regularly updated pre-packaged Security Content for use in Splunk ES.
- Tutorial - Tutorial on creation of new Correlation Searches.
- Training Classes
- Certifications
- Splunk Enterprise Security Certified Admin
- Splunk Enterprise Security Certified Admin Blueprint - A guide to the examinable material in the ES Admin certification.
- Splunk Enterprise Security Certified Admin
Need to get the experts involved in an Enterprise Security implementation, or seeing guidance.
- Splunk Security and Compliance Service Offerings
- Splunk Partners for Enterprise Security Implementation
- RBA All Day - Reduce noise by using a Risk Based approach to notable event generation.
- SA-RBA - Solution AddOn for ES, adds custom visualisations and correlation searches for RBA.
- Phantom RBA - Phantom functions for RBA investigations and enrichment.
- Splunk Phantom
- Awesome Phantom - Awesome resources for Splunk Phantom.
- Awesome Threat Intelligence - A curated list of awesome threat intelligence resources.
Selected .conf presentations related to various aspects of Splunk Enterprise Security.
- All .Conf Presentations for Enterprise Security
- How to Migrate from Legacy SIEM to Splunk
- Enterprise Security Multi-Tenant Fundamentals
Contributions welcome! Read the contribution guidelines first.
To the extent possible under law, Simon Duff has waived all copyright and related or neighbouring rights to this work.