Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can anyone please help to create a DOS/DDOS alert without using any application in Splunk?

mlm
Explorer
‎02-03-2023 08:09 AM

Hello guys,

Can anyone please help me to create a DOS/DDOS alert without using any application in splunk. 

For example: 

if source IPs sending thousands of TCP packets simultaneously within the 15-20 minutes or so.  

I can't seem to find any docs that related to this.

TIA

Reply

marioespbaires
Loves-to-Learn
‎10-31-2023 02:41 PM

Hello there,

did you find how to do it? if so, may you share it? 😄 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎11-02-2023 05:09 AM
Hi
To getting help you must 1st tell what you have on your splunk. Describe your log events, indexes etc.
This is doable if/when you have suitable data in splunk.
r. Ismo
0 Karma
Reply
Get Updates on the Splunk Community!

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...