Prism turns plain-English questions into real-time security analytics. No SPL expertise needed — just describe what you're looking for and let AI do the rest.
Prism combines an AI agent pipeline with enterprise-grade governance so your team can query, analyze, and visualize security data without writing a single line of SPL.
Type what you're looking for in plain English. Prism's AI translates your intent into optimized SPL queries and executes them against your Splunk environment.
Every AI-generated query passes through a governance layer that enforces index allowlists, time bounds, scan budgets, and blocks dangerous commands before execution.
Results are automatically summarized by the LLM and rendered as interactive Vega-Lite charts — bar charts, time series, tables, and more — no manual config required.
Each organization gets isolated data access, index policies, and usage quotas. Keycloak-backed SSO ensures users see only what they should.
Prism crawls your data sources to build a semantic catalog of indexes, sourcetypes, and fields — giving the AI richer context for more accurate queries.
Watch every step of the agent pipeline in real time — intent parsing, governance validation, data execution, and analysis — streamed as Server-Sent Events.
Prism's AI agent pipeline handles the entire workflow automatically.
Type a natural-language question like "Show me failed logins in the last 24 hours" into the query bar.
The LLM interprets your intent and generates an optimized SPL query targeting the right indexes and fields.
The query is validated against your tenant's policies — index allowlists, time bounds, scan limits, and command blocklists.
Data is fetched from Splunk, summarized by the AI, and rendered as interactive charts and tables in your dashboard.
Log in to your Prism workspace and start asking questions.
Log In to Prism →