Splunk Docs

Splunk Enterprise Security 7

Splunk Observability Cloud Splunk IT Service Intelligence Splunk Cloud Platform Splunk Enterprise Data Management Splunk Enterprise Security 8 Splunk Enterprise Security 7 Splunk SOAR Security Offerings AppDynamics SaaS AppDynamics On-Premises AppDynamics SAP Agent Release Notes and Updates Supported Add-ons Splunk Style Guide

Splunk Enterprise Security 7

Splunk Enterprise Security 7 Contents

Install

Administer

User Guide

Risk-Based Alerting

7.3

Introduction

Create risk objects

Modify risk

Identify threat

Manage risk factors

Visualizations to evaluate risk notables

Best practices

Use Splunk Behavioral Analytics to create risk notables

Troubleshoot risk-based alerting

Scenario 1: Ram isolates threats using risk-based alerting

Scenario 2: Ram reduces alert volume using risk-based alerting

Scenario 3: Ram isolates user behaviors using risk-based alerting

Appendix

Tutorials and Use Cases

API Reference

Release Notes and Resources

Mission Control

Security Content Update

Splunk Security Essentials

Splunk App for Fraud Analytics

Splunk App for PCI Compliance

Common Information Model

Splunk Machine Learning Toolkit

[MISSING CONTENT]

Explore Topics

Splunk Observability Cloud

Splunk IT Service Intelligence

Splunk Cloud Platform

Splunk Enterprise

Data Management

Splunk Enterprise Security 8

Splunk Enterprise Security 7

Splunk SOAR

Security Offerings

AppDynamics SaaS

AppDynamics On-Premises

AppDynamics SAP Agent

Release Notes and Updates

Supported Add-ons

Splunk Style Guide