Splunk Notables is a feature within Splunk Enterprise Security that generates and manages notable events, which are significant security events identified through correlation searches. These notable events are created based on predefined or custom rules that detect suspicious activities, anomalies, or policy violations across an organization’s data. Splunk Notables provides security teams with actionable insights by aggregating and prioritizing critical security incidents, enabling efficient incident response and threat management. By leveraging Splunk's powerful data analytics and visualization capabilities, Splunk Notables helps organizations enhance their security posture and streamline their security operations.
Integration Method: JSON
Tables: Detection Finding