Splunk
Developed by Mimecast
Identify Threats & Inform Response
Email continues to be the most widely used attack vector. Data sourced from email activity and attacks is high value for the security operations team, enhancing the benefits of your Splunk Enterprise investment.
Correlate security events detected by Mimecast Targeted Threat Protection and the Secure Email Gateway with other security systems connected to Splunk Enterprise – helping security analysts detect incidents and attacks quickly and accurately.
Key Benefits
- Analyze logs from your Mimecast tenant in isolation using Splunk Enterprise's powerful search capability
- Correlate logs from your Mimecast tenant with data from other security systems to provide more context and actionable information
- Stay informed with out-of-the-box dashboards or by creating custom reports and alerts tailored to your organization's needs
- Track user activity and system changes in Mimecast and correlate this with data from other systems
- Leverage data to demonstrate regulatory compliance
Solution Overview
- Mimecast logs event activity in real time. This includes email receipt, processing and delivery, and employees clicking on links within an email. The events are then made available for integration into 3rd party systems via a REST API using industry standard JSON or pipe delimited, key-value pair formats.
- Log collection is achieved using modular inputs. For the greatest flexibility, each log type is separated into its own input, allowing you to choose what data you want to ingest.
- With modular inputs successfully configured, data is immediately ingested and indexed by Splunk Enterprise. Once indexed, data is searchable and displayed in the app's built-in dashboards.
Release Notes
https://community.mimecast.com/s/article/Mimecast-for-Splunk-Release-Notes
Featured Apps

Rapid7 InsightConnect
by Rapid7
Rapid7 InsightConnect is your home for SecOps, equipping you with the visibility, analytics, and automation you need to unite your teams and amplify efficiency.

IBM QRadar
by Mimecast
The Mimecast integration with IBM QRadar offers joint customers improved visibility into potential vulnerabilities, ongoing attacks, prioritized incident response alerts and an overall increased security posture through one single console.

Splunk
by Mimecast
Identify threats and inform response with the Mimecast and Splunk Enterprise integration.

LogRhythm
by Mimecast and LogRhythm
LogRhythm and Mimecast have developed an integration that combines email security with enterprise security and threat management.

Palo Alto Networks Cortex
by Mimecast
Email remains the primary attack vector and the front line of incident detection, response and remediation. That’s why integrated email security controls are vital to completing your Cortex Data Lake solution.