Splunk App for Enterprise Security · v7.3.0
DAY 3 LAB · LAB 3 — DESIGN YOUR STACK · week 1
Map your tool stack — see how every SOC tool feeds Splunk.
  • Open Configure → see Data Enrichment, Lists & Lookups, Adaptive Response.
  • Identify which tabs map to: SIEM, EDR, Email, Identity, TI, SOAR.
  • List the 10 highest-value sources to onboard first.
Hint: Splunk ES is the SIEM brain: every other tool either feeds data into it or is triggered from it via Adaptive Response.
