EAT (Environment Assessment Tool) is a comprehensive, offline-capable Splunk health and security assessment framework built for Splunk architects, administrators, and security engineers.
The tool walks you through 55+ checks covering every layer of a Splunk environment: cluster health, forwarder coverage, index and storage configuration, ingestion pipeline integrity, data quality, search workload, authentication controls, TLS and certificate posture, Splunk ES and SIEM effectiveness, CIM data model compliance, and MITRE ATT&CK detection coverage.
Each check provides the exact SPL query or CLI command to run, specific pass/fail criteria, remediation steps, and a field to record your findings inline.
Select your network environment at launch (Commercial, NIPR, SIPR, or JWICS) and the tool filters to only the checks that apply. DoD and classified environments get additional controls around FIPS 140-2, CAC/PKI authentication, offline licensing, telemetry enforcement, and index classification. Each check is tagged Required or Recommended based on the selected environment.
Assessments are scored on a weighted A through F scale with per-section breakdowns. A MITRE ATT&CK view shows tactic-level detection coverage across your visible checks. Load a previously saved assessment to compare against a current run and track what improved or regressed between assessments.
Results export as a plain-text findings report or print directly to PDF. Progress can be saved as a JSON file at any point and reloads seamlessly, which is useful for multi-day assessments or for handing off between team members.
The tool runs entirely in the browser with no external dependencies, no network calls, and no installation required. It works on air-gapped and classified networks out of the box.
Categories
IT Operations, Security, Fraud & Compliance