Documentation

Project overview, quick start, repository structure, and key links.

How to add use cases, run audits, manage versions, and submit PRs.

Step-by-step guide for deploying use cases: inputs, props, transforms, dashboards.

How to deploy the dashboard to GitHub Pages with custom domains.

How to fork and adapt the catalog for your own organization or domain.

Server & compute, virtualization, network infrastructure, storage, data center physical, DC fabric/SDN, and compute/HCI. Gold-standard Cisco coverage for Catalyst Center, ThousandEyes, Meraki, SD-WAN, ACI, UCS, and HyperFlex.

Identity & access management, security infrastructure (NGFW, EDR, SIEM), and network security/zero trust. Gold-standard coverage for Cisco ISE, Duo, Secure Firewall, and ASA/AnyConnect.

Containers & Kubernetes, AWS/Azure/GCP cloud infrastructure, and cost/capacity management. Vendor best practices from CNCF, Red Hat, and FinOps Foundation.

Databases, application infrastructure, DevOps/CI-CD, observability stack (Splunk ITSI), and ITSM. DORA metrics, ITIL v4 practices, and SRE burn rates.

Email & collaboration and IoT/operational technology. Gold-standard Cisco coverage for Webex, UCM, Cyber Vision, Edge Intelligence, and Splunk Edge Hub.

Energy, manufacturing, healthcare, transportation, oil & gas, retail, aviation, telecom, water utilities, and insurance — industry-specific monitoring with regulatory context.

Regulatory compliance frameworks (GDPR, NIS2, DORA, PCI DSS, HIPAA, SOX, NIST) and business analytics for executive intelligence, revenue, HR, supply chain, and ESG.

Source markdown for the regulatory primer — covers every framework with Splunk mapping.

How compliance clause coverage percentages are calculated and validated.

Per-regulation clause coverage tables and assurance levels.

Known gaps in regulatory coverage and planned remediation.

Process for legal review of compliance claims and regulatory mappings.

Automated monitoring for regulatory text updates and deadline changes.

Auditor-facing evidence packs: GDPR, PCI DSS, HIPAA, SOX, SOC 2, ISO 27001, NIST CSF, NIST 800-53, NIS2, DORA, CMMC.

Source hierarchy, coverage taxonomy, evidence-first design, and reviewer workflow for NIS2 Splunk monitoring.

Crawl/walk/run maturity stages for NIS2 obligations with benchmark domains and control-family coverage.

Artifact bundle for counsel, auditor, or competent-authority review of the NIS2 implementation.

Validation evidence and audit commands for the NIS2 monitoring framework.

Authoritative source register with hierarchy, binding status, and retrieval dates for NIS2 legal sources.

Build pipeline, data flow, file relationships, and deployment architecture.

Target audiences, product principles, content philosophy, and feature phases.

ADRs: markdown source of truth, static SPA, catalog schema, stdlib-only, ID scheme.

Every field in a UC JSON file: name, type, constraints, and examples.

The canonical template for writing high-quality use cases with all fields.

Step-by-step playbook for uplifting UCs to gold standard quality.

Naming conventions for category directories, markdown files, and IDs.

How grandmaExplanation fields are written — the non-technical voice guidelines.

How prerequisite chains and wave assignments drive the implementation roadmap.

How CIM-normalised SPL and data model acceleration work across the catalog.

Identifies missing fields, incomplete UCs, and areas needing expansion.

Visual map of the repository structure and file dependencies.

Elevator pitch and value proposition for the use case catalog.

Machine-readable entry point for AI agents: schemas, field maps, MCP tools.

Model Context Protocol server: 10 tools, 4 URI schemes for LLM integration.

Deploying the catalog at scale: distributed Splunk, indexes, roles, and migration.

Which UCs and SPL work on Splunk Cloud vs on-prem Enterprise.

The Splunk app that recommends UCs based on your data sources and environment.

How catalog UCs relate to packaged Splunk apps and content packs.

Technology and TA filter definitions used across the catalog.

End-to-end guide for integrating Cisco Catalyst Center with the UC catalog.

Synthetic data generation guide for the top 10 most-implemented UCs.

Top-level keys, field abbreviations, and the structure of catalog.json.

Interactive API reference for /api/v1/ endpoints.

How the /api/v1/ endpoints are versioned and stability guarantees.

How uc.schema.json is versioned with additive-only changes.

Deep-link patterns for UCs, categories, filters, and search.

Provenance and origin tracking for use case content.

Scoring methodology for use case completeness, accuracy, and coverage.

Tracking the origin and review status of every UC in the catalog.

The quality mandate and tier definitions for use case content.

Checklist and process for peer-reviewing use case content.

Subject matter expert review process for technical accuracy.

Which UCs have sample data for testing and validation.

Project governance model: roles, decision-making, and contribution tiers.

How to report vulnerabilities and the project security posture.

Version history with all changes, additions, and fixes per release.

Planned features, content expansions, and infrastructure improvements.

Build provenance attestation and integrity verification for the catalog.