AlphaSOC Data Lake for Splunk
New Release
A new integration that brings OCSF telemetry stored in AlphaSOC's data lake directly into Splunk search pipelines.
The `alphasoc` generating search command lets you query AlphaSOC telemetry using familiar SPL syntax. Filter by device attributes, network endpoints, DNS queries, and other OCSF fields, then pipe the results into the rest of your SPL search for correlation and analysis alongside your existing Splunk data.
Key features:
- Query OCSF telemetry directly from Splunk
- Filter by `class_name`, `log_source`, device IPs, hostnames, DNS queries, and more
- Boolean logic with `AND`/`OR` operators
- Results stream directly into Splunk as they arrive
Setup takes seconds: enter your AlphaSOC API key in the AlphaSOC for Splunk settings page and you're ready to go.
The AlphaSOC Data Lake for Splunk is in beta right now. Want to explore it or get early access? Reach out to our support team at support@alphasoc.com.
