Getting Data In
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

getting datasets

nina
Engager
‎09-30-2023 09:15 AM

Hello everyone, I'm working on a project ''Splunk Enterprise: An organization's go-to in detecting cyber threats''  please how/where can I get datasets and logs that I will use for my project.

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

meetmshah
Builder
‎09-30-2023 10:11 AM

Hello @nina, There are a few ways - 

 - If you are planning to showcase some use cases as a part of Project - Splunk Security Essentials (https://splunkbase.splunk.com/app/3435) does have some built-in datasets. For example for Sample Brute Force Attack Detection

https://github.com/splunk/botsv3 does have a number of sample datasets for multiple sourcetypes

- You can use EventGen (https://splunkbase.splunk.com/app/1924) to generate "more" events based on existing event formats.

 

Please accept the solution and hit Karma, if this helps!

View solution in original post

Reply
Solved! Jump to solution

nina
Engager
‎10-03-2023 03:59 PM

hello, thankyou so much for responding. even though i am entirely new to splunk and trying to find my way with youre recommendation, they are very useful.

0 Karma
Reply
Solved! Jump to solution

inventsekar
SplunkTrust
SplunkTrust
‎10-03-2023 05:00 PM

Hi @nina ... to learn regex/rex, i have made lot of videos.. pls check it.. thanks. 

Splunk newbie learning videos, for absolute beginners:
https://www.youtube.com/@SiemNewbies101/playlists

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Reply
Solved! Jump to solution
Solution

meetmshah
Builder
‎09-30-2023 10:11 AM

Hello @nina, There are a few ways - 

 - If you are planning to showcase some use cases as a part of Project - Splunk Security Essentials (https://splunkbase.splunk.com/app/3435) does have some built-in datasets. For example for Sample Brute Force Attack Detection

https://github.com/splunk/botsv3 does have a number of sample datasets for multiple sourcetypes

- You can use EventGen (https://splunkbase.splunk.com/app/1924) to generate "more" events based on existing event formats.

 

Please accept the solution and hit Karma, if this helps!

Reply
Get Updates on the Splunk Community!

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

The Latest Cisco Integrations With Splunk Platform!

Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco + Splunk! We’ve ...

AI Adoption Hub Launch | Curated Resources to Get Started with AI in Splunk

Hey Splunk Practitioners and AI Enthusiasts! It’s no secret (or surprise) that AI is at the forefront of ...
Top