Skip to main content
Lantern Home
 
 
Splunk Lantern

Using Enterprise Security 8.0 workflows

  1. Last updated
  2. Save as PDF

 

You're new to Splunk Enterprise Security (ES) 8.0, and you're aware that in this version there are several changes to functionality compared to previous versions. You're looking for a quick intro to the key benefits and features in this new version.

Solution

This video shows you:

  • How ES aligns with the Open Cybersecurity Schema Framework (OCSF)
  • Changes to terminology, such as how notables are now referred to as findings
  • How to work with new ES detection types: event-based detections, and findings-based detections
  • How to use detection versioning
  • How ES integrates with Splunk Mission Control
  • How to generate finding groups
  • How to work with response plans
  • How to use integration with Splunk SOAR

Next steps

This article has been brought to you by Splunk Education. We’ve learned that the strongest superheroes up-skill with Splunk Education. That’s why we are making Splunk training easier and more accessible than ever with more than 20 self-paced, free eLearning courses. You can start with foundational courses like Intro to Splunk or dive into more advanced courses like Search Under the HoodResult Modification, and many more. Enroll today so you have the skills to detect the good, the bad, and the unproductive.

In addition, these resources might help you understand and implement this guidance: