The Splunk App for Behavioral Profiling is a collection of workflows that let you operationalize machine-learning-driven detection and scoring of behavioral anomalies at scale in complex environments. The results are correlated to profile and highlight the entities that require investigation.
Deploy Behavioral Anomaly Rules
Define and schedule behavioral indicators and scoring rules with the help of a guided workflow, which turns the behaviors you want to track into operationalised anomaly detection rules that output behavioral scores aligned to entities.
Investigate Entities
Utilise the dashboards provided to view and drill down on the entities which have the highest behavioral scores, using the panels provided to investigate the pattern of activity and mark the entity as reviewed or allow-listed if required.
Monitor Performance
Ensure your rules continue to execute effectively by monitoring their performance and output via the provided views, and adjust them easily if necessary so that you continue to find the entities that matter.
Categories
IT Operations, Security, Fraud & Compliance
Contributors
Joshua Cowling, Rupert Truman, Premkumar Vyas