Scenarios using Splunk Enterprise Security
These scenarios walk you through monitoring, investigating, and detecting security incidents using Splunk Enterprise Security. Use the available dashboards, alerts, and correlation searches, as well as custom searches, to assess and remediate threats in your environment.
The following scenarios explain real-world ways you can use Splunk Enterprise Security.
Scenarios to detect malware
Scenarios to identify suspicious activity
Additional scenarios using risk-based alerting
You can also refer to the following scenarios, which are based on risk-based alerting, in the Use Splunk Enterprise Security Risk-based Alerting manual: