The Risk Super handler for Splunk Enterprise Security provides services for:

- Generating risk events using the Splunk Enterprise Security risk framework for Risk Based Alerting (RBA) purposes, with additional levels of features
- Centralizing the risk definition in a central lookup file reference, rather than configuring it on a per correlation search basis
- Defining a use case reference logic, which is used to look up the risk definition and allows advanced dynamic rule definition use cases
- Allowing different levels of risk object definition, with different risk messages and risk scores per risk object
- Facilitating the transition from traditional SIEM detection per use case to a Risk Based Alerting (RBA) approach

For more information: https://ta-risk-superhandler.readthedocs.io