skills.homes logoskills.homescapability registry
home/categories/debugging/mukul975-anthropic-cybersecurity-skills-skills-triaging-security-alerts-in-splunk-skill-md
cd ..
debuggingtools

triaging-security-alerts-in-splunk

Triages security alerts in Splunk Enterprise Security by classifying severity, investigating notable events, correlating related telemetry, and making escalation or closure decisions using SPL queries and the Incident Review dashboard. Use when SOC analysts face queued alerts from correlation searches, need to prioritize investigation order, or must document triage decisions for handoff to Tier 2/3 analysts.

Voir le code sourcedebugging
mukul975
maintainer
mukul975
Mis à jour 4/6/2026
Étoiles
4240
Forks
464
quick start

Installation and usage

Triages security alerts in Splunk Enterprise Security by classifying severity, investigating notable events, correlating related telemetry, and making escalation or closure decisions using SPL queries and the Incident Review dashboard. Use when SOC analysts face queued alerts from correlation searches, need to prioritize investigation order, or must document triage decisions for handoff to Tier 2/3 analysts.

Installation
$ install --globalskills.sh
Utilisation

Après l'installation, vous pouvez utiliser ce skill en exécutant la commande suivante dans votre terminal :

skills use triaging-security-alerts-in-splunk