Onboarding Sunburst Threat Indicators into Splunk Enterprise Security

Properly onboarding threat indicators is critical to powering Splunk Enterprise Security for SUNBURST activity detection. This article provides tips to successfully:

  • set up threat intelligence downloads
  • check the creation of threat intelligence artifacts
  • ensure proper parsing of downloaded data

“Onboarding Threat Indicators into Splunk Enterprise Security: SolarWinds Continued” on splunk.com:

https://www.splunk.com/en_us/blog/security/smoothing-the-bumps-of-onboarding-threat-indicators-into-splunk-enterprise-security.html