• Support
  • Contact Sales
  • Login
  • Home
  • Product
    • Overview
    • Packages
    • Our Cloud
    • Our Intel
  • Customers
  • Use Cases
    • By Need
    • By Industry
    • By Integration
  • Partners
    • Overview
    • MSP Partners
    • Channel Partners
    • Service Providers
  • Resources
  • Blog
  • Cisco Security
  • Cisco Home
Cisco Umbrella
  • Support
  • Contact Sales
  • Login
  • Product
  • Customers
  • Use Cases
  • Partners
  • Resources
  • Blog

Splunk and Cisco Umbrella Investigate

Enrich security events in Splunk with the Investigate API

Request a Quote
  • Cisco Umbrella
  • By Need
  • By Industry
  • By Integration
Request a Quote

See what connections you’ve been missing during investigations

The Splunk Add-on for Investigate automatically enriches security events inside Splunk with threat intelligence about the domains, IPs, and file hashes used in attacks. Now, security analysts have more context and can make faster, more informed decisions when responding to critical incidents and researching potential threats.

Install the Cisco Umbrella Investigate Add-on for Splunk
Splunk Logo
Splunk Icons

Most complete view of attacks

Automatically enrich security events with Investigate’s intelligence about the relationships between domains, IPs, and file hashes.

Learn more about Investigate’s internet-wide visibility

Uncover missing connections

Expose valuable connections within an attacker’s infrastructure with Investigate’s intel — including co-occurrences, related domains, geolocation, categorization, and reputation scores.

Learn more about Investigate’s unique intel
Splunk Icons 1
Splunk icon 2

Speed up investigations

With Investigate’s rich context populated in Splunk, security teams can leverage a single platform to make faster, more informed decisions during investigations — versus correlating data from multiple sources.

Read more about the benefits

Webinar: Automation can improve SOC operations, but how?

Watch this webinar with Henry Canivel, Security Operations Engineer at Splunk & Investigate Product Manager, Jeremy Linden as they outline the steps you can take to:

  • Gain internet-wide visibility into your network & predict attacks
  • Amplify your existing security investments with Investigate
  • Provide better enforcement for malicious destinations via API-based integrations with Splunk and Cisco products
Register for the webinar
Placeholder
    • What We Make

    • Secure Internet Gateway
    • Threat Enforcement
    • Threat Intelligence
    • Who We Are

    • Data Center Locations
    • System @ Umbrella
    • Our Blog
    • Learn More

    • Contact Us
    • Customers
    • Events
Cisco Umbrella

208.67.222.222 + 208.67.220.220

  • Privacy Policy
  • Sitemap
  • © Cisco Umbrella, 2018