Crowdstrike FDR logs to Splunk vs Splunk UF collecting logs from windows member server

This page summarizes the projects mentioned and recommended in the original post on /r/crowdstrike
Splunk Detection Engineering responses Cicd

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • security_content

    Splunk Security Content

    • Our end goal is to achieve maxium coverage against MITRE mapping. Our mapping is pretty low and the management want to achieve this in a cost effective manner. Our analysts are more comfortable with creating alerts and dashboards using standard wineventlogs. When we talk about FDR, they are like "Rabitt in the headlights". We are planning to achieve by end of 2023. https://github.com/splunk/security_content/blob/develop/docs/mitre-map/coverage.png (highlighted in blue). Some of the coverage comes native with EDR and NDR. We have a different map of that one (esp proactive one).

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts