Splunk gives security, IT operations and application delivery teams powerful insights and valuable operational intelligence across your entire organization. Its powerful search, visualization and alerting capabilities enable them to understand current operations more effectively than ever before, and configure simple alert actions to respond to certain issues automatically.
But when difficult operations issues arise, splunk’s simple script and web-hook alert actions may not be enough. And waiting for human-scale response times to incipient cyber activity or complex IT system failures means greater impact to operations.
With >rapid response, your operations teams can easily capture their deep expertise into powerful custom alert actions that execute within milliseconds. >rapid response alert actions enable your operations teams to systematically orchestrate and track response actions at all layers of the stack across the entire enterprise in real-time, all the while maintaining secure positive control over all automated actions.
But where>rapid response really shines is in its ability to automate sophisticated dynamic response strategies – strategies that dynamically interact with splunk’s powerful search and analysis capabilities to drill down on an issue, determine root cause, and orchestrate the most effective response actions for the situation.
>rapid response consists of two parts:
1. rapid response app – installs on the Splunk server 2. rapid response service (AppSymphony) – installs on its own host
You can download the >rapid response app from Splunkbase.
>rapid response server is available here.
updated .../default/savedsearches.conf to disable realtime alert per certification precheck. this alert is only used to verify successful installation.
Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.