Splunk TA High-Level Functionality

Cortex® Xpanse™ Expander’s add-on Splunk integration allows you to consume and access Cortex® Xpanse™ Expander alerts and data through Splunk.
Cortex® Xpanse™ Expander’s add-on Splunk integration allows you to consume and access Cortex® Xpanse™ Expander alerts and data through Splunk.
Splunk represents “events” as JSON objects. Associated information to those events are the JSON object’s values. You can query Splunk events using Splunk queries. For more help on Splunk data querying, refer to the appropriate Splunk data querying documentation or ask your Splunk technical contact.
For additional information on how to use Splunk more generally, see Splunk’s general documentation site.

Recommended For You