This technology add-on provides a simple way to connect to your Reveal tenant so that detection, incident, and audit log events can be pulled into Splunk.

Leverage detections to gain insight into unauthorized and unusual user activities on endpoints and strengthen your data loss prevention strategy. Use incidents to cut down triage and investigation time by viewing detections that have been grouped together because they have the same root cause. Access audit logs to capture details about operator interactions with the Reveal UI and Reveal API, providing you with important compliance and security information for your organization.