The Splunk Adaptive Response Framework (ARF) included with Splunk Enterprise Security (ES) allows actions to be taken in response to data. This is done by creating an alert that triggers when a certain search result condition is met in the Splunk ES Search and Reporting app.
SortCL-compatible data manipulation or generation jobs in the IRI Voracity data management platform and its included products (IRI CoSort, NextForm, RowGen, FieldShield and DarkShield) create production or test data targets, as well as operational log data, all of which are machine-readable.
Splunk Enterprise Security (ES) is a major player in the Security Information and Event Management (SIEM) software market. The cloud-based analytic platform combines the indexing and aggregation capabilities of Splunk Enterprise with a range of fit-for-purpose features attendant to SIEM environments.