Awesome ES

A curated list of awesome resources for Splunk Enterprise Security.

Contents

• Basics
• Education and Training
• Professional Services
• SOAR Integration
• Threat Intelligence
• .Conf Presentations

Basics

Resources for getting started with Splunk Enterprise Security.

• Splunk Website
  • Downloads
  • Previous Releases
  • Awesome Splunk - A curated list of awesome Splunk resources.
• Splunk Enterprise Security Homepage
  • Downloads - Download page for licensed users.
  • Documentation
  • ES Splunk Blog Posts
  • Splunk ES Content Update - Regularly updated pre-packaged Security Content for use in Splunk ES.

Education and Training

• Tutorial - Tutorial on creation of new Correlation Searches.
• Training Classes
  • Using Splunk Enterprise Security
    • Suggested Learning Path
  • Administering Splunk Enterprise Security
    • Suggested Learning Path
• Certifications
  • Splunk Enterprise Security Certified Admin
    • Splunk Enterprise Security Certified Admin Blueprint - A guide to the examinable material in the ES Admin certification.

Professional Services

Need to get the experts involved in an Enterprise Security implementation, or seeing guidance.

• Splunk Security and Compliance Service Offerings
• Splunk Partners for Enterprise Security Implementation

Risk Based Alerting

• RBA All Day - Reduce noise by using a Risk Based approach to notable event generation.
  • SA-RBA - Solution AddOn for ES, adds custom visualisations and correlation searches for RBA.
  • Phantom RBA - Phantom functions for RBA investigations and enrichment.

SOAR Integration

• Splunk Phantom
  • Awesome Phantom - Awesome resources for Splunk Phantom.

Threat Intelligence

• Awesome Threat Intelligence - A curated list of awesome threat intelligence resources.

.Conf Presentations

Selected .conf presentations related to various aspects of Splunk Enterprise Security.

• All .Conf Presentations for Enterprise Security
• How to Migrate from Legacy SIEM to Splunk
• Enterprise Security Multi-Tenant Fundamentals

Contribute

Contributions welcome! Read the contribution guidelines first.

License

To the extent possible under law, Simon Duff has waived all copyright and related or neighbouring rights to this work.