Skip to main content
Splunk Lantern

Cisco: IronPort Email Security Appliances

{Replace this first sentence with a description of the data source, where it comes from, and any key information to know about it.} In the Common Information Model, {data name} can be mapped to any of the following data models, depending on the field: {linked Common information model name}.

Data visibility

{Replace this text with a line that describes what specifically the data gives you insight to, preferably using terms from use cases, sales plays, and known customer initiatives.}

Data application

When your Splunk deployment is ingesting {data source name}, you can use the data to achieve the following:

  • {Link to a Splunk Lantern use case or guide}
  • {Link to a Splunk Lantern use case or guide}
  • {Link to a Splunk Lantern use case or guide}


Guidance for onboarding data can be found in the Spunk Documentation, Getting Data In (Splunk Enterprise) or Getting Data In (Splunk Cloud). Refer to the documentation, and note the following:

  • Recommended index: {index name}
  • Source type: {source type name}
  • Input type: {input type}
  • Add-on or app: {Name of the add-on or app exactly as it appears in Splunk Base and turn it into a hyperlink to Splunk Base}
  • Sizing estimate: {Add description}


{Replace this text with a statement that explains how the customer can validate that the data source was correctly configured.}

Use this space for SPL related to validating the data source configuration.
  • Was this article helpful?