Video

Splunk for Security: SSE - Security Content

Episode 8

Play Video

Video Summary

This video is the first in a series focusing on the Common Information Model (CIM) and its role in data normalisation. It introduces data models, explaining how they standardise data from multiple sources by aligning different field names and formats to common standards. This process not only improves data consistency but also enhances search and analysis capabilities within Splunk. By normalising and enriching data, organisations can effectively explore and utilise information from various sources, making it easier to identify valuable insights.

The video also discusses the practical aspects of implementing data models, such as using field aliases in add-ons and manually aligning data fields with the CIM when needed. These data models are applicable across a range of domains, including security, network, cloud, and observability data, demonstrating their broad value. The video wraps up by highlighting the benefits of having CIM-compliant data, such as faster searches and more relevant business insights, and previews the next episode, which will cover data model acceleration.

Additional Resources

Who are Somerford?

We are a passionate group of people delivering innovation to our customers on their digital transformation journey.

Splunk Edge Hub

Effortlessly streamline the process of inegrating your data with the Splunk Edge Hub

Splunk Security Solutions

Utilise Splunk's suite of security solutions designed to provide uniefied and robust defence against cyber threads.

Get in Touch to Learn More

With specialist knowledge, skills and experience derived from supporting a broad range of FTSE 100, FTSE 250 and smaller companies Somerford Associates have a strong reputation for enabling digital transformation at scale, at pace and in budget.
Scroll to Top