Back to the Blog

Splunk ES - Lets Correlate

Posted by Krishan Patel on Tuesday, February 17, 2015 - 15:52 Operational Intelligence Splunk, ES, correlation searches

Splunk ES – Creating Custom Correlation Searches

 

In today's blog I will be discussing one of the very valuable features of the Splunk App for Enterprise Security. Correlation searches provide a very highly customizable level of security based detection and alerting within Splunk and ES.

 

What is a Correlation Search?

A correlations search is a type of saved search used to detect suspicious events or patterns in your data. If a suspicious event is detected, a notable event is created. The notable event...

read more

Splunk App for Enterprise Security and PCI Compliance Correlation Search Drill-downs

Posted by Anshu Rastogi on Monday, July 15, 2013 - 12:44 Operational Intelligence correlation searches, drill-down, Enterprise Security, PCI, Splunk, time range

Introduction

Welcome! In this post we'll talk about time ranges in correlation search drill-downs in two apps, the Splunk App for Enterprise Security (ES) and The Splunk App for PCI Compliance (PCI).

Correlation Searches and Drilling Down

Okay, so what exactly are we talking about regarding correlation searches and drilling-down? ...

read more
Stay In Touch