Splunk

Cisco AI Defense Security Alerts by Application Name

Last updated 2 days ago on 2026-07-17

About

The search surfaces alerts from the Cisco AI Defense product for potential attacks against the AI models running in your environment. This analytic identifies security events within Cisco AI Defense by examining event messages, actions, and policy names. It focuses on connections and applications associated with specific guardrail entities and ruleset types. By aggregating and analyzing these elements, the search helps detect potential policy violations and security threats, enabling proactive defense measures and ensuring network integrity.
Platform
Splunk
Tags
Data Source: SplunkDomain: ApplicationRule Type: QueryOS: Any
Severity
medium
Risk Score
47
References
https://www.robustintelligence.com/blog-posts/prompt-injection-attack-on-gpt-4(external, opens in a new tab or window)https://docs.aws.amazon.com/prescriptive-guidance/latest/llm-prompt-engineering-best-practices/common-attacks.html(external, opens in a new tab or window)
False Positives
False positives may vary based on Cisco AI Defense configuration; monitor and filter out the alerts that are not relevant to your environment.
Source
View on GitHub(external, opens in a new tab or window)

Definition

Rule Language
SPL
Rule Type
query
text code block:
`cisco_ai_defense` | rename genai_application.application_name as application_name | rename connection.connection_name as connection_name ```Aggregating data by model name, connection name, application name, application ID, and user ID``` | stats count values(user_id) as user_id values(event_message_type) as event_message_type values(event_action) as event_action values(policy.policy_name) as policy_name values(event_policy_guardrail_assocs{}.policy_guardrail_assoc.guardrail_avail_entity.guardrail_entity_name) as guardrail_entity_name values(event_policy_guardrail_assocs{}.policy_guardrail_assoc.guardrail_avail_ruleset.guardrail_ruleset_type) as guardrail_ruleset_type by model.model_name connection_name application_name application_id ```Evaluating severity based on policy name and guardrail ruleset type``` | eval severity=case( policy_name IN ("AI Runtime Latency Testing - Prompt Injection"), "critical", policy_name IN ("AI Runtime Latency Testing - Code Detection"), "high", guardrail_ruleset_type IN ("Toxicity"), "medium", true(), "low" ) ```Calculating risk score based on severity level``` | eval risk_score=case( severity="critical", 100, severity="high", 75, severity="medium", 50, severity="low", 25 ) | table model.model_name, user_id, event_action, application_id, application_name, severity, risk_score, policy_name, connection_name, guardrail_ruleset_type, guardrail_entity_name | `cisco_ai_defense_security_alerts_by_application_name_filter`

View this rule on Splunk

This rule was sourced from the official Splunk public repository. View the original rule on GitHub(external, opens in a new tab or window).