Hello guys,
Can anyone please help me create a DoS/DDoS alert in Splunk without using any application?
For example:
If source IPs are sending thousands of TCP packets simultaneously within 15-20 minutes or so.
I can't seem to find any docs related to this.
TIA
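
One way to express the condition described in the post as a plain scheduled search, added here as an example and not part of the original post. It assumes firewall or flow events with CIM-style fields `src_ip`, `dest_ip` and `transport`, one event per logged TCP record; the `<...>` index and sourcetype are placeholders, and the thresholds (5000, 20000, 100) are constructed values to tune against your own baseline.

```spl
index=<your_network_index> sourcetype=<your_firewall_sourcetype> transport=tcp
| bin _time span=15m
| stats count AS tcp_events BY _time, src_ip, dest_ip
| eventstats sum(tcp_events) AS dest_total, dc(src_ip) AS distinct_sources BY _time, dest_ip
| where tcp_events > 5000 OR (dest_total > 20000 AND distinct_sources > 100)
| eval pattern=if(tcp_events > 5000, "single-source flood", "distributed flood")
| table _time, src_ip, dest_ip, tcp_events, dest_total, distinct_sources, pattern
| sort - tcp_events
```

The first `where` clause covers a single source exceeding the per-window count (DoS); the second covers many sources that are individually below it but together flood one destination (DDoS). Saved as an alert on a 15-minute schedule, it would trigger when the number of results is greater than zero.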