#Random
This is a place to discuss all things outside of Splunk, its products, and its use cases.

New to Splunk- requesting guidance on logs

Dawner82
New Member

Would love some guidance about what to look for in the logs

Labels (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Welcome to Splunk!

What logs do you have?  What you can look for will depend on what you have to work with.

You bought Splunk for a reason.  Look for whatever satisfies that reason.

Look for whatever causes the on-call person to get woken up at night.  Try to catch the problem before it has to be escalated to the on-call.

What keeps the CIO/CISO from sleeping at night (data breach, ransomware, etc.)?  Look for evidence of that.

---
If this reply helps you, Karma would be appreciated.
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...