About Splunk
Splunk is the world's leading data platform for security and IT operations, trusted by enterprises and governments globally to monitor, investigate, and respond to threats at scale across massive volumes of machine data. With a security portfolio spanning SIEM, SOAR, and threat intelligence management that powers security operations centers worldwide, Splunk is the gold standard for security analytics and operational intelligence. Teams looking to integrate with Splunk or build a Splunk integration can use Synqly to route normalized security data, logs, and telemetry from across the security stack into Splunk's analytics platform through a unified connector.
About the Splunk Enterprise Security Integration
Splunk Enterprise Security is Splunk’s premium SIEM solution and the industry benchmark for security analytics, providing advanced threat detection, investigation, and response capabilities built on Splunk’s data platform for enterprise security operations centers worldwide. As Synqly’s SIEM provider, Splunk Enterprise Security enables security teams to route normalized security event data from Synqly-connected tools into Splunk’s correlation and detection engine through a standardized connector. Integrate with Splunk Enterprise Security to centralize security telemetry from across your stack into Splunk ES, powering correlation searches, notable events, and investigations.
Integration Use Cases
Post Events
Writes a batch of `Event` objects to the Sink configured with the token used for authentication.