User Behaviour Analytics

Splunk User Behaviour Analytics

Securing against unknown threats through user and entity behavior analytics.

Splunk UBA is a machine learning driven solution that helps organizations find hidden threats and anomalous behavior across users, devices, and applications. Its data science-driven approach produces actionable results with risk ratings and supporting evidence, augmenting SOC analysts’ existing techniques.

Splunk User Behavior Analytics not only captures the footprint of threat actors as they traverse enterprise, cloud, and mobile environments, but also runs them through its advanced machine learning algorithms to baseline, detect deviations and find anomalies continuously. These aberrations are then stitched into a meaningful sequence over time using pattern detection and advanced correlation to reveal the actual kill chain, which is not only comprehensible but also immediately actionable.


To combat a changing threat landscape, you need a solution that embodies a big data platform, machine learning and data science. Explore Splunk User Behavior Analytics—an out-of-the-box solution that is designed to detect external attacks and insider threats using behavior baselines, peer group analytics and a wide range of unsupervised machine learning algorithms.

Automatically find unknown threats using machine learning

Enhance Visibility and Detection


Automate threat detection using machine learning so you can spend more time hunting with higher fidelity behavior-based alerts for quick review and resolution.

Accelerate Threat Hunting


Rapidly identify anomalous entities without human analysis. Rich set of anomaly types (65+) and threat classifications (25+) across users, accounts, devices and applications.

Augment SOC Resources


Automatically stitch hundreds of anomalies observed across multiple-entities—users, accounts, devices and applications—to a single threat for faster action.

Better Together: Splunk ES and Splunk UBA


Organisations gain maximum value to detect and resolve threats and anomalies via the power of human and machine-driven solutions by combing Splunk Enterprise Security and Splunk UBA.

Download the Splunk Solution Guide for Security

Splunk products can help you defend against highly targeted attacks across your IT infrastructure.