All Apps and Add-ons

How to find SQL injection attempts using only Windows event codes?

JohnBurns8
New Member

Is there a way to find SQL injection attempts using only Windows event codes? I only have access to the Security, Application, and System logs.

0 Karma

somesoni2
Revered Legend

See if this link gives you some useful information about the same:
https://www.splunk.com/blog/2010/02/04/sql-injections-the-splunk-method-for-auditing-your-applicatio...

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...