Entity discovery dashboard

The Entity discovery dashboard provides a centralized view of every asset, user, software, cloud application, and vulnerability that Splunk Enterprise Security has discovered on your network. Each discovery report presents summary data, including geographic distribution and activity trends over time, that analysts can use to understand the current state of their environment at a glance.

From the dashboard, you can refine any report to focus on a specific subset of your environment by applying field-based or SPL filters. Saved filters let you return to a consistent view across sessions, and can be shared with other users. Each report's details table is customizable: you can add or remove fields to surface the data most relevant to your investigation, and export your results.

The Entity discovery dashboard supports the following actions:

View summary discovery reports for assets, identities, software, cloud applications, and vulnerabilities.
Filter reports by individual fields or by an SPL search, and save those filters for later reuse
Share filters across the app
Customize which fields appear in each report's details table
Export report data in your preferred output format

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

Enterprise Security

SOAR

IT Service Intelligence

Content Packs

Splunk Observability Cloud

AppDynamics SaaS

AppDynamics On-Premises

SAP Agent

Developer Documentation

Splunkbase

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

DATA MANAGEMENT

SEARCH AND ANALYTICS

ADMINISTRATION

Enterprise Security

SOAR

ENTERPRISE SECURITY

SOAR

RELATED APPS

IT Service Intelligence

Content Packs

ITSI

IT Ops

ADMINISTRATION

EXTENSIONS

Splunk Observability Cloud

MONITORING

DATA MANAGEMENT

ADMINISTRATION

AppDynamics SaaS

AppDynamics On-Premises

SAP Agent

ESSENTIALS

MONITORING

ADMINISTRATION

Developer Documentation

Splunkbase

PLATFORM

OBSERVABILITY

REFERENCE

Resources

REFERENCE

Learn More

Support

Entity discovery dashboard