Our Product

Insight Engines Cyber Security Investigator for Splunk

Discover and triage security issues faster,
reducing risk and increasing efficiency.

Watch the replay of the Splunk .conf2016 keynote "The DNA of Digital Transformation", where our CEO Grant Wernick presents Insight Engines.

Insight Engines enables organizations to unlock the value of machine data in Splunk, making it accessible and actionable to anyone in an organization, from analyst to executive. Insight Engines Cyber Security Investigator for Splunk (CSI) is optimized for cybersecurity use cases, enabling analysts to search data in Splunk using plain English to quickly detect, investigate, and visualize cyberthreats.

CSI Features

  • Natural language processing engine enables plain-English search
  • Automatically generates highly-optimized SPL
  • Creates multiple reports and visualizations from a single search
  • Facilitates the creation of Splunk alerts for monitoring and detection
  • Rich search results are returned in real-time
  • Enables correlations across multiple data sources within Splunk
  • Intuitive search interface and powerful search suggestions
  • Shows Splunk Query Language to help beginners learn and experts pull off more complex tasks even faster

Before CSI

  • Limited value of Splunk
  • Sub-optimal security posture
  • Limited people can query machine data
  • Too much time spent on SPL
  • Hard to find, train and retain SPL experts

After CSI

  • Unlock the full value of Splunk
  • Stronger security posture
  • Machine data is accessible by everyone
  • Less reliance on SPL expertise
  • More time to investigate & mitigate threats


Technical and Installation Details

  • 100% self-contained Splunk App
  • Installs in under an hour
  • No additional hardware required
  • Installs on a search head or search head cluster
  • Adds less than 1% load on one CPU
  • Requires only Splunk Enterprise (not Splunk Enterprise Security)
  • Runs in any environment where Splunk Enterprise runs, including private/public cloud, Splunk Cloud, virtual machines, and physical hardware