Solera DeepSee App for Splunk

Thanks For Downloading!

Review the documentation below and follow any custom installation steps. If no install steps are listed, most Splunk Apps and Add-ons can be installed as follows:

Windows: Decompress the downloaded file using a tool like 7-Zip and place the resulting folder into %PROGRAMFILES%\Splunk\etc\apps. Then restart Splunk using the splunk restart command or the GUI.

Unix/Linux: Decompress the downloaded file using a tool like tar -xvf and place the resulting folder into $SPLUNK_HOME/etc/apps. Then restart Splunk using the splunk restart command or the GUI.

Connects events found in Splunk to the full packet capture and reconstruction of the event in Solera DS Appliances.

A free 30-day trial of the Solera Virtual Appliance can be downloaded at www.soleranetworks.com

Investigate any network security event with depth and clarity with the Solera DeepSee App for Splunk. Solera DS Appliances and Virtual Appliances capture, classify, and index 100% of network traffic acquired via SPAN port or network tap. Network sessions can be instantly searched, replayed, or reconstructed to provide the ultimate level of visibility on the network -- a full fidelity record of every packet. The amount of storage used equates to the amount of history desired and network bandwidth.

This app adds a powerful Investigate button to each event found in Splunk. With a single click users can pivot from events in Splunk to the full packet capture and application reconstruction in the Solera DeepSee interface or even download a PCAP file of the full session within seconds. Solera DeepSee provides the data to act with confidence and secure your network against Next Generation Threats.

Solera DS Appliances achieve the following use cases:

• Comprehensive situational awareness of the network, applications, content, and users
• High fidelity surveillance of individuals or systems
• NIST-recommended Continuous Monitoring to support risk management decisions
• Real-time active response to incidents limiting damage and mitigating ongoing risk
• Root cause analysis of malware and data breach to find and close initial vulnerability
• Discovery of breach source and scope for regulatory compliance and remediation
• Discovery and elimination persistent threats on the network preventing further loss
• Deterrence of insider threats with continuous network surveillance
• A platform to perform true Next Generation Threat Prevention

Compatible with any Solera DS Appliance running Solera OS 4.1 or later including the Solera Virtual Appliance (available for a free 30-day trial at www.soleranetworks.com).