Creators of Splunk apps, etc.
5 days ago by dremillard
Getting data from your REST APIs into Splunk
This is a Python app that can poll a REST endpoint and upload to Splunk.
Splunk  REST  Python 
6 days ago by dremillard
Getting DevOps Insights from the Splunk Essentials for Application Analytics App
Splunk and its suite of products have always been at the forefront for solutions that help the IT and security industries. via Pocket
18 days ago by goeran
Walkthrough | HTTP Event Collector
Splunk indexes and makes searchable data from any app, server or network device in real time including logs, config files, messages, alerts, scripts and metrics.
splunk  reference 
21 days ago by dirtpupfc
GitHub - TBGSecurity/splunk_shells: Weaponizing Splunk with reverse and bind shells.
This app is to help with penetration testing and Red Teaming within environments that have a Splunk deployment.

This app will allow the engineer to spawn a Reverse or Bind Shell from a Splunk server to allow the engineer to interact with the server and expand influence within the environment.
splunk  pentest 
26 days ago by whip_lash
About advanced XML - Splunk Documentation
Important notice: The Advanced XML dashboard framework is officially deprecated. For more information, see Advanced XML Deprecation.
splunk  dashboard  xml 
4 weeks ago by bwiese
How to use Puppet Bolt and Splunk to report on compliance - Puppet
In this article we looked at the following:

How to write simple Puppet tasks testing for CIS compliance controls, both in bash and python
Creating a Puppet plan driving the CIS control tasks
Sending the compliance test output to Splunk
CIS  splunk  puppet  compliance  sysadmin 
6 weeks ago by unclespeedo
Splunk Enterprise Selected as CDM Data Integration Solution for 25 Federal Civilian Government Agencies | Splunk
Splunk was included in task order awards 2A-2E under Phase 1 of the Department of Homeland Security (DHS) Continuous Diagnostic and Mitigation (CDM) Program.
jk-infosec  jk-b7  jk-splunk  jk-siem  jk-govt  agencies  cdm  civilian  data  enterprisel  federal  government  integration  solution  splunk 
8 weeks ago by websitejk
sort command examples | Big Book of Splunk Searches
| sort _time
| streamstats current=f global=f window=1 last(_time) as last_ts
| eval time_since_last = _time - last_ts
| fieldformat time_since_last = tostring(time_since_last, "duration")
splunk  search  query  reference 
8 weeks ago by bwiese
Splunk App for Windows Event Logs
The Interesting Processes section from the Processes dashboard is partially based on a presentation by Michael Gough from "The Top 10 Windows Event ID's Used To Catch Hackers In The Act". See for the presentation slides and information on how to enable the auditing of processes, including command-line based ones. The list of "interesting processes" is based on a study by JPCERT CC (Japan Computer Emergency Response Team Coordination Center) on detecting lateral movement through tracking of event logs. The list is stored in C:\Program Files\Splunk\etc\apps\eventid\lookups\interesting_processes.csv and it can be adjusted with a text editor if needed.

The XML dashboard is designed to report Windows events rendered from the XML by using the renderXML stanza. The renderXML option reduced the volume of data to about 25% of the regular events; however, some details, such as the full description of the event, are no longer recorded. See Feature Overview: XML Event Logs for more details.
splunk  threathunting  audit  eventid  windows  cybersecurity 
8 weeks ago by bwiese
