Back to Integrations SplunkGet API AccessContact Us
Integrations SIEM

Splunk

Enrichment and Proactive Alerting

Every second, a massive influx of events hits SIEM tools, and these numbers continue to rise. With this in mind, organizations need the ability to execute high-volume queries with low latency. The DomainTools® App for Splunk allows customers to rapidly enrich domains with tagging, Domain Risk Score, domain age, Whois, IPs, active and passive DNS provided by Farsight’s DNSDB, and other connected infrastructure to surface evidence of malicious activity. Moreover, newly-appearing domains identified by Iris Detect can be triaged and alerted on directly within the App.

Precisely Target Alerts and Hunt Threats Across Your Enterprise

  • DomainTools App for Splunk

    • Discovery of new domain IOCs related to network observables from within Splunk
    • Auto-enrichment of every domain from configured log sources with DomainTools Iris intelligence

    Download From SplunkBase

    If you are a current DomainTools customer, please contact your Account Manager or Enterprise Support before downloading the Splunk App. We want to help ensure that our application is configured to provide the most value in your environment.

  • Threat Hunting and Event Enrichment-at-Scale

    • An out-of-the-box Threat Hunting & Monitoring Dashboard for domain risk assessment and proactive alerting using Enterprise Security
    • Surface meaningful alerts that are enriched by the comprehensive Iris dataset to identify malicious intent
    • Leverage the Iris and DNSDB datasets for immediate access to dozens of attributes attached to every domain event in Splunk

  • Proactive Domain Risk Scoring

    • Automated discovery of potentially malicious domains leveraging DomainTools Iris Detect & Risk Score capabilities inside Splunk
    • Raise alerts with batch processing
    • Access Domain Risk Score – Proximity and Threat Profile classifiers

Support and Learning

About Splunk

Splunk turns machine data into answers. Regardless of your organization’s size and industry, Splunk can give you the answers you need to solve your toughest IT, security and business challenges—with the option to deploy on-premises, in the cloud or a hybrid approach.

Learn More

DomainTools Partner Integrations

Splunk
Splunk SOAR
anomali logo
Tines Logo
Cortex SOAR
Crowdstrike
EclecticIQ
Elastic
Exabeam logo
IBM Resilient
IBM QRadar
Maltego
DomainTools Logo
Pricing Contact Login Support Request a Demo

© 2024 DomainTools

DomainTools® and DomainTools™ are owned by DomainTools, all rights reserved.

Privacy Policy    |    California Privacy Notice
Do Not Sell My Personal Information    |    Terms of Service    |    Sitemap