Skip to content

Reports

The following section contains a list of included reports with the OT Security Add-on for Splunk. These reports can be scheduled, customized, or adjusted as needed.

  • Authentication Attempts Outside Normal Working Hours - All attempts
  • External Login Activity from External Systems (e.g. VPN, RDP, etc)
  • Login Activity to OT Assets Outside of Normal Working Hours - Successes Only
  • Perimeter Device Changes Over Last 7 Days
  • Prohibited Traffic Allowed Over Last 24 hours
  • Prohibited Traffic Blocked Over Last 24 hours