Skip to main content


Splunk Lantern

Visualizations and Reports


Both Splunk Enterprise Security and Splunk Security Essentials provide visualizations and reports that help you ensure that your security posture is up-to-date.

A well-configured visualization or report should allow you to view threats and incidents that are trending up or down. The ability to view trends through a single pane of glass is a powerful tool for both managers and analysts, helping to reduce dwell and resolution times. 

What are the benefits of effective visualizations and reports?

You can use reports and visualizations to monitor trends and respond faster. This is also a great way to provide real-time insights for management. For example, the Executive Summary Dashboard in Splunk Enterprise Security provides quick access to the following information: 

  • Mean Time to Triage
  • Mean Time to Resolution
  • Investigations Created
  • Risk Based Alerting Trends

What are best practices around visualizations and reporting?

You should be able to produce and show current results and trends in order to assess your security posture and to make better decisions.

  • Summary and trends dashboard
  • Current security posture
  • Incident review

What processes can I put in place to enhance my visualizations and reports?  

These resources will help you implement this guidance: