The Splunk app for Fraud Analytics (SFA) is a comprehensive fraud detection solution built on the existing development frameworks of Splunk Enterprise Security. SFA offers your fraud team a standardized workflow, extensive interactive visual investigation capabilities, and a robust risk-based alerting framework, which is completely customizable and extensible.
Using the risk-based alerting framework, SFA uniquely provides fraud prevention teams the ability to improve alert fidelity and reduce false positives, ensuring that financial, legal, compliance, and reputational losses are minimized.
Splunk App for Fraud Analytics supports use cases and detections within the Financial Services, Unemployment Insurance and Healthcare verticals.
Detections of fraud in Financial Services include account takeovers, new accounts fraud, anti-money laundering and a number of other use cases.
Unemployment insurance fraud includes correlation searches and detections of three major indicators of fraud: impersonation, location deception and shared accounts.
The Healthcare vertical includes detections of drug diversion and opioid mishandling. Essential detections include attempts to access opioids forcefully, an excessive number of anomalous transactions, and discovery of more complex behavior patterns related to witness collusion during disposal of unused opioids.
All new and existing fraud use cases are supported with relevant dashboards and customized interactive investigator panels.
Note:
The SFA app requires technical expertise. If you need assistance to troubleshoot the app’s framework, contact Splunk Support. If you need assistance to customize the app, contact your account team.
The app does not include test data, but you can download and install test data from here: https://drive.google.com/file/d/1aVos6D5pJvDikPByfIPqAgaBp_KDRKKe/view?usp=drive_link.
Note that the test data can use up to 7 GB and will take 10-30 minutes to initialize correctly.
* Configure *
See the Details tab for dependencies and configuration instructions.
* Help *
User Guide: https://docs.splunk.com/Documentation/FraudAnalytics/latest/UserGuide/Overview
Install Splunk Enterprise Security to use Splunk app for Fraud Analytics.
Instructions and full documentation on the Splunk app for Fraud Analytics can be found HERE
Prerequisites
* Splunk Enterprise Security version 6.5.2 or higher
* Splunk Enterprise version 8.x.x+ or higher
What is it
Splunk App for Fraud Analytics (SFA) is installed within Splunk Enterprise as an add-on to Splunk Enterprise Security. It includes default content, such as fraud rules and dashboards, that allows customers to conduct fraud analytics with technical expertise. If you require assistance with this, you can reach out to your account team.
If the customer ingests data that corresponds to the data models and/or creates any required aliases, the dashboards will get populated. Customizations may be required.