TrendAI Cyber Risk Exposure Management for Splunk

TrendAI Cyber Risk Exposure Management for Splunk extracts website access logs from Splunk and uploads the data to TrendAI. TrendAI then analyzes the data and provides Identity and Risk Insights for your entire organization allowing administrators to track their users' cloud application access. This app accesses CIM-compliant logs. In conjunction with TrendAI's unique cloud reputation service, administrators gain insight into: 1. The top risky cloud apps being accessed. 2. The users or devices that generate the most access records. Supported CIM-compliant logs: This app extracts website information from the site, url, or dest fields of the Common Information Model (CIM) web data model. The priority follows: site > url > dest. The following CIM-compliant products (sourcetype) have been verified: 1. Palo Alto (pan:threat) 2. Fortinet FortiGate (fgt_utm) 3. Forcepoint Web Security (websense:cg:kv) 4. Zscaler (zscalernss-web) 5. Cisco Meraki (meraki-urls) 6. Cisco Umbrella SIG (opendns:proxy) 7. Symantec ProxySG (bluecoat:proxysg:access:syslog)