
    Splunk AI Enablement

    Sold by: Keos 
    Keos' Splunk AI Enablement service integrates artificial intelligence directly into your Splunk environment using Splunk's Model Context Protocol (MCP) server. Keos' certified Splunk SMEs configure the MCP server to allow AI assistants and large language models to query, search, and analyze your Splunk data using natural language — enabling AI-assisted threat hunting, automated investigation workflows, and conversational access to your security and operational data. Whiteleaf AI detections are also available as a complementary add-on for teams looking to further expand their AI-powered detection coverage.

    Overview

    • Splunk MCP Server Implementation: Keos installs and configures Splunk's Model Context Protocol (MCP) server on your Splunk environment, enabling AI assistants and LLMs to connect directly to your Splunk data — running searches, retrieving results, and surfacing insights through natural language.
    • AI-Assisted Threat Hunting and Investigation: Once the MCP server is configured, analysts can interact with Splunk using conversational AI tools — asking questions, running ad-hoc investigations, and exploring data without needing to write SPL manually.
    • Automated Workflow Integration: Keos configures MCP server integrations that allow AI models to trigger searches, correlate events, and feed findings into existing Splunk workflows — reducing the manual burden on your SOC and operations teams.
    • Whiteleaf AI Detection Coverage (Optional Add-On): For teams looking to extend AI capabilities into automated detections, Keos can also install and configure Whiteleaf AI's 100+ pre-built security use cases, which surface AI-driven risk scores directly within Splunk Enterprise Security.
    • Validation and Documentation: The full deployment is validated end-to-end, with documentation and weekly status reports delivered throughout the 80-hour engagement.

    Highlights

    • Splunk MCP server configured to enable AI assistants and LLMs to query, search, and analyze your Splunk data using natural language
    • AI-assisted threat hunting and automated investigation workflows reduce manual SPL authoring and accelerate SOC response
    • Whiteleaf AI's 100+ pre-built security detections available as a complementary add-on for expanded AI-powered coverage

    Details

    Deployed on AWS
    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support

    Software associated with this service