- Introduction
- System requirements
- Configure Syslog
- Configure threat data report
- Configure adaptive response
- Removing the CylancePROTECT Desktop Application for Splunk
- Data source types
- Troubleshooting
- Support
- Appendix: configure Syslog over SSL in Splunk
- BlackBerry Docs
- Cylance products
- Protect Application for Splunk
- Configure adaptive response
Configure adaptive response
The
CylancePROTECT Desktop
Application for Splunk
is part of Splunk
's Adaptive Response (AR) program. This means users with sufficient Splunk privileges can act on Cylance
-protected hosts from the Splunk
console. While this capability provides fast and convenient response actions, there is also some risk when operated by uninformed, but well-meaning, security personnel. This capability should be restricted using Splunk
's included Role-Based Access Controls (RBAC).