I don't have Enterprise Security FYI... Just Enterprise Search. Appreciate your assistance in this matter...
Thanks
Hi @Ted1621,
if you don't have Enterprise Security, you could see in other Security Apps, if there are some dashboard interesting for your, for example:
Then you can see apps for the technologies you have (e.g. Azure or Cisco, etc...).
Thank you , I do have all those you mention already.
Hi @Ted1621,
if you already have these apps, the only following step is Enterprise Security!
I hint this approach because I had to create a SIEM without ES for a customer and it was a very hard work and result wasn't so beautiful as ES.
there's another one App I forgot to report: the Mitre Att&ck App for Splunk (https://splunkbase.splunk.com/app/4617) that's useful to give an high level overview of your security mapping related to Mitre Att&ck.
Ciao.
Giuseppe