Onboarding Sunburst Threat Indicators into Splunk Enterprise Security

Properly onboarding threat indicators is critical to powering Splunk Enterprise Security for SUNBURST activity detection. This article provides tips to successfully:

  • set up threat intelligence downloads
  • check the creation of threat intelligence artifacts
  • ensure proper parsing of downloaded data

“Onboarding Threat Indicators into Splunk Enterprise Security: SolarWinds Continued” on splunk.com: