Splunk ES 8.0.2 – Response Plans & Investigation types

Here is a second post about Splunk Enterprise Security 8.0.2, released on January 22nd. This time, I will give you an overview of the Response Plans feature. You can access Response Plans by going to Splunk Enterprise Security > Security Content > Response Plans. What Are Response Plans? The Splunk […]

Splunk ES 8.0.2 – Versioning feature review

Splunk Enterprise Security v8.0.2 has been out since January 22nd. I will present a new feature introduced in this version: detection versioning. Long awaited, this functionality is interesting in several ways. First of all, in theory, you can avoid using Git or GitLab to keep versions of your detections, as it […]