Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Anomaly Detection for Logs

maheswar6523
New Member
‎06-29-2018 12:23 AM

Team,

Are there any working sample to create a POC on Splunk Anomaly Detection using Logs messages.
In our senario we need to notify admin if any login failure /Error received we need to notify an alert.

Thanks
Uma

Tags (1)
0 Karma
Reply

niketn
Legend
‎06-29-2018 05:29 AM

Two of the Starting points would be

1) Machine Learning Toolkit App
2) Splunk Security Essentials App

Some of the good blocks to read:
1) Anomaly Detection with Splunk IT Service Intelligence and Machine Learning Toolkit v3.2 series
2) Hunting With Splunk Series
3) Advanced Statistics Splunk Documentation

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...