Splunk
Cloud Security Monitoring App: detect attacks targeting public clouds and centrally manage multi-clouds
"Cloud Security Monitoring App" is a SIEM app for Splunk Enterprise that provides the set of functions and mechanisms a SIEM requires to deal with the latest cyberattacks on public cloud services, whose use is rapidly increasing.
By using this App, you can implement and tune advanced detection rules, manage alerts, and conduct post-detection investigations, making it possible to quickly launch SIEM operations necessary for cloud security measures.
It is possible to implement detection logic that responds to company-specific security risks that cannot be covered by cloud-native security services provided by public cloud service providers. Recommended for companies that use multiple public cloud services.
Features
- Apps built for cloud-specific risk
  This App has been developed based on countermeasures for the cloud-specific risks listed below, and it addresses not only external attacks but also incidents that may be caused by users.
  - Account hijacking
  - Vulnerable API use
  - Data leakage/exfiltration due to the easy external data sharing model
  - Difficulty of visualization due to the easy service provisioning model
- Integrated management of multi-cloud and hybrid environments
  Efficient security operations can be achieved through alert aggregation and integrated monitoring of multiple public cloud services and of hybrid environments that include on-premises environments.
- Flexible customization of detection logic according to your requirements
  Since this App is developed based on Splunk Enterprise, it is possible to flexibly customize the detection logic and dashboards. It is possible to implement detection logic that responds to company-specific security risks that cannot be covered by cloud-native security services provided by public cloud service providers.
Main functions
Three function groups are included from the start.
- Correlation detection rules
  The major services of the four public cloud services below contain a lot of critical information, and security measures for them should be prioritized.
  - Storage
  - Compute
  - IAM
  - Network
- Alert response management mechanism
  Effective alert response management mechanisms and dashboards, such as alert tracking (owner assignment, status management, etc.), automatic assignment of alert priorities, and multi-faceted filtering, are installed from the start so that alerts can be handled quickly and without waste.
- Detailed analysis dashboard group
  A number of dashboards are installed from the start that enable analysis from the various perspectives required for SOC operations.
Price
This App is provided as a package service that bundles initial installation work and first-year support. The pricing model has the following characteristics:
Pricing that does not depend on ingested log volume
The price is determined based on the number of correlation detection rules to be implemented and the number of target public clouds. Therefore, the ingested log volume is not linked to the price.
Pricing that bundles the initial deployment work
To launch SIEM operations quickly, we carry out the following deployment/implementation work on your behalf. The amounts above include the fees for this work.

| | Simple package | Standard package |
|---|---|---|
| Menu | | |
| Standard price | Estimate each time | Estimate each time |

- The prices shown above do not include tax.
- The above prices assume that the implementation work is performed remotely (using VPN or remote desktop). (If on-site work is required, individual quotations will be provided.)
- App/solution customization is not included in the above services. (If necessary, please purchase the "Dashboard Creation Pack" separately.)
- Tuning of detection rules after completion of initial implementation and initial tuning is not included in the above service range. (If necessary, please purchase the "Dashboard Maintenance Pack" separately.)

Weekdays: 9:00-17:00
Inquiry/Document request
Contact: Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp