About the Illumio App for Splunk
The Illumio App for Splunk integrates Splunk with the Illumio PCE to provide security and operational insights into your Illumio-secured data center. Multiple dashboards display an overview of your data center while monitoring the PCE and Illumio Virtual Enforcement Nodes (VENs) installed in your data center.
With improved visibility of east-west traffic, your Security Operations Center (SOC) staff can detect unauthorized activity and potential attacks from traffic blocked by Illumio segmentation policies on workloads in the "Enforced" policy state (policy is enforced). Additionally, the Illumio App for Splunk provides visibility into potentially blocked traffic for workloads in the "Test" policy state (policy is visualized but not enforced). This enables SOC staff to quickly pinpoint potential attacks and remediate them.