Overview

Splunk is a security information and event management (SIEM) solution that allows users to collect, index, report, and present data from multiple sources. Common uses include supporting operational requirements, such as monitoring the average response time of a website, or gathering and presenting forensic data to support IT and information security teams.

Administrators who use Jamf Pro or Jamf Protect can send event data to Splunk. Jamf Pro can send event data from device configuration and management actions, and Jamf Protect can send events from threat detections on computers.