Splunk Enterprise must be configured with a report to notify the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, when an attack is detected on multiple devices and hosts within its scope of coverage.

Profiles that employ this XCCDF Rule

No profile (default benchmark)

36 rules

version: 2 accepted

Updated 18 days ago

Show

I - Mission Critical Classified

36 rules

version: 2 accepted

Updated 18 days ago

Show

I - Mission Critical Public

36 rules

version: 2 accepted

Updated 18 days ago

Show

I - Mission Critical Sensitive

36 rules

version: 2 accepted

Updated 18 days ago

Show

II - Mission Support Classified

36 rules

version: 2 accepted

Updated 18 days ago

Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity

Modules