Splunk Compliance Essentials: Your One-Stop Shop
Meet The Requirements of CMMC, DFARS, FISMA and More
By David Cheever, Team Lead, Advanced Services
Introduction
Splunk’s Compliance Essentials provides several features that can help organizations meet the requirements of various compliance frameworks. This app comes pre-packaged with a library of compliance practices, dashboards that can be used to monitor compliance status & track progress, and reports that can be used to demonstrate compliance to auditors.
After a fresh installation, the app will direct you to the App Initial Setup Page to select a framework. You can also select multiple frameworks if more than one is applicable to your organization. Compliance Essentials addresses the requirements for the following five frameworks:
- Cybersecurity Maturity Model Certification (CMMC)
- Defense Federal Acquisition Regulation Supplement (DFARS)
- Federal Information Security Modernization Act (FISMA)
- Risk Management Framework (RMF)
- Office of Management (OMB) M-21-31
This blog will provide a general overview of the features and benefits of the app, which is available for free on Splunkbase.
Overview Pages
The overview pages provide a high-level overview of your audit and continuous monitoring program. The Domain Overview page displays a selection of domains, each of which drills down into a Practice Overview page. The Practice Overview page, in turn, displays a selection of dashboards that provide more detailed information about the status of the program. For a single pane of glass view, the Executive Overview dashboard provides a top-down view of the status of the various audit review entries across the full scope of the solution.
Practice Dashboards
Compliance Essentials uses lookups and KV Store collections to map content to different controls. It also relies on data models to ensure that pre-built dashboards are populated correctly. The app comes with a robust library of more than 50 dashboards that align with OMB requirements, more than 100 dashboards that align with DFARS practices, more than 170 dashboards that align with CMMC practices, more 300 dashboards that align with FISMA practices and 2,900+ dashboards that align with RMF practices.
Custom Content
The Custom Content page in Compliance Essentials includes a list of custom dashboard panels which can be added to already existing dashboards. These panels are organized by practice and domain, making it easy to locate the panels you need. To add a panel to a dashboard, simply click on the “Add to dashboard” button. The panel will then be added to the corresponding dashboard. The solution includes over 300 custom panels that can be added to dashboards, in addition to the panels that ship out-of-the-box. This gives you a wide range of options to customize the dashboards to meet your specific needs and make them more informative and useful.
Adding Records
Users can also add records to each dashboard, making it easier to store relevant documentation and artifacts directly within Splunk. This is especially useful for practices that are documented or policy-driven, as it eliminates the need to search for artifacts in multiple locations.
Audit Entries
Each dashboard has an audit entry capability that allows you to view, manage, and create audit entries. This workflow can be used by your internal teams to track comments and feedback from reviews, verify compliance status, and set follow-up review dates.
Solution Activity
The Solution Activity page allows you to track the app’s activity and utilization, as well as audit the auditor’s work. It also provides monitoring capabilities for your audit and continuous monitoring program, both in terms of activities and overall trends.
Conclusion
Splunk’s Compliance Essentials is a one-stop shop that can help organizations improve their compliance posture by providing a centralized view of all their compliance data. This can help organizations to identify potential compliance gaps and track their progress towards compliance. If you are looking for a way to improve your organization’s compliance posture, contact us for more information on implementing Compliance Essentials into your environment.