Access Detection Studio to identify optimal detections

Install Splunk Enterprise Security (Cloud) on AWS to access Detection studio.

Note: Detection Studio is automatically provisioned if you are on Splunk Enterprise Security (Cloud version) and is available on AWS Cloud for both Essentials and Premier editions.

In Splunk Enterprise Security, go to Security content and select Detection Studio.
Go to Launchpad dashboard to view the available detections and deployed detections.
Go to MITRE ATT&CK coverage dashboard to view and drill-down into the individual techniques that are used in detections.
Go to Detection library dashboard to deploy only those detections that are most actionable and relevant to reduce alert noise.
Go to Configure to customize the detection priority and health algorithms for your specific security environment.

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

Enterprise Security

SOAR

IT Service Intelligence

Content Packs

Splunk Observability Cloud

AppDynamics SaaS

AppDynamics On-Premises

SAP Agent

Developer Documentation

Splunkbase

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

DATA MANAGEMENT

SEARCH AND ANALYTICS

ADMINISTRATION

Enterprise Security

SOAR

ENTERPRISE SECURITY

SOAR

RELATED APPS

IT Service Intelligence

Content Packs

ITSI

IT Ops

ADMINISTRATION

EXTENSIONS

Splunk Observability Cloud

MONITORING

DATA MANAGEMENT

ADMINISTRATION

AppDynamics SaaS

AppDynamics On-Premises

SAP Agent

ESSENTIALS

MONITORING

ADMINISTRATION

Developer Documentation

Splunkbase

PLATFORM

OBSERVABILITY

REFERENCE

Resources

REFERENCE

Learn More

Support

Access Detection Studio to identify optimal detections