In today’s data environment, getting meaningful answers and insights out of your data is a greater feat than ever. There are many things slowing down the process of data analysis, the sheer volume of security alerts taking analyst time, the growing demand of skilled analysts, the inherent difficulty in knowledge sharing, and the task of maintaining compliance with data regulations.
Using Splunk Enterprise along with our new IRIS app eases all these tasks. The IRIS App uses voice and natural language processing (NLP) to translate your plain English questions into the Splunk search processing language (SPL). This allows users the freedom to spend more time thinking about what to ask, rather than how to ask it. And it means newer users can start accessing their data even quicker.
Once an analyst has gotten the information they want, they can save their search for future use. IRIS uses Workflows to allow a user to save their plain English questions, encapsulating them with descriptions, and allowing them to be run using a single command. Questions and their conditional follow-up questions get captured in the NLP Workflow. This reduces redundancy and time spent performing repetitive searches.
Once a Workflow is saved, it can be used in a variety of ways. It can be executed using a single voice command, at a pre-scheduled time, or in response to specific incidents. This again, allows users to spend their time more efficiently, proactively threat hunting.
IRIS also natively includes a community page that allow users to share their Workflows with other users. Using this Slack-like private community feature, users can share and discuss their workflows with set individuals or with the entire Query.AI community.
We are immensely proud of what we have created. We think that Splunk is pretty awesome and are very glad to leverage their platform to allow users to talk to their data in a new way.
Click here to learn more and register for your free trial today.
If you have any questions, we’d love to hear from you please leave a comment below.