Splunk Enterprise
Ingest Large Quantities of Threat Intelligence
EclecticIQ Intelligence Center includes built-in integration with Splunk Enterprise, the leading platform for Operational Intelligence.
EclecticIQ Intelligence Center acquires cyber threat data in different formats from multiple sources; de-duplicates, normalizes, and enriches source data with additional contextual details; and feeds relevant information to Splunk Enterprise.
Splunk Enterprise, using a rule-based approach, analyzes and filters cyber threat data to identify the most relevant threats to your organization. Important sightings and alerts are then fed back into EclecticIQ Intelligence Center for automatic dissemination and analyst review.
The result of this process is a rich threat intelligence dataset that allows you to efficiently tune your SIEM prevention and detection system.
The Splunk App for EclecticIQ Intelligence Center ships with a default set of dashboard gauges to make it easier for Splunk users to monitor feed data collection, as well as to analyze and perform triage on any Indicators of Compromise (IOCs) the data analysis may yield.
Download the certified EclecticIQ Intelligence Center App for Splunk.