Alert Manager Enterprise comes with a broad set of features out of the box. Feature Packs are available to provide even more functionality.
Extend the Functionality of Alert Manager Enterprise with Feature Packs for Security and Service Providers.
Keep an overview of all triggered Alerts with our Event Summary. Easily assign events to users and manage event statuses.
Use any Splunk Workflow Action for your investigations, from GET and POST Requests to Drilldown Searches.
Have repeating maintenance windows or want to auto-assign certain events? Our Rules have you covered.
Do you need other statuses for events? Add your custom statuses easily.
Was it a false or true positive?
Specify your resolution when closing an event!
Define and monitor response and resolution times, with proactive notifications for potential breaches.
Enrich Alerts with Asset and Identity Context
Prioritize Threats with Smart Scoring
Seamlessly sync incidents with external ITSM systems like ServiceNow
Need more functionality? You can enable our feature packs for Security and Service providers in a snap.
Are you a service provider and want to manage multiple customers simultaneously? Do you need Role Based Access Control? Our native Multi-Tenancy feature has got you covered.
Our feature pack contains essential security enrichment data and Risk Scoring to get you started.
Add our Alert Manager Enterprise Alert Action to your existing Splunk Alert.
Select an Alert Template to define what should happen with the Alert.
Wait for an Alert to be triggered and AME will convert the alert into a meaningful event.
Open the Event Summary View and start managing the event.