Splunk Cloud Integration

The Splunk Cloud Platform lets you investigate, monitor, analyze and act on your data with unprecedented insight, all from the cloud. Splunk experts manage your IT backend so you can focus on acting on your data, while the platform scales to your analytics needs. Make the most of all your data while maintaining privacy and compliance standards with our industry-certified platform.

When you configure the Splunk Cloud integration, a target becomes available in XDR Automation for use in automated workflows. Optionally, if you also configure an HTTP Event Collector token, you can use XDR Automation to export incident data to Splunk Cloud.

Note: A Splunk add-on is available for the Cisco Security Cloud. Installing this add-on provides enhanced integration with Cisco XDR. See Splunkbase for more information. Enabling the Splunk add-on allows incident data to be synchronized with Cisco XDR. However, you must still enable this integration in XDR to use Splunk-related workflows in XDR Automation.