- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Basic Brute Force Detection (Splunk Security Essentials)
jamie1
Communicator
03-22-2023
08:15 AM
Hi There,
I am new to Splunk and have data coming in from just one server. I have tried running the basic brute force detection search, and receive thousands of events. I don't think this is accurate and thus feel as though I must have misconfigured something, somewhere. I'm not sure where I should begin to look.
Any help would be appreciated,
Jamie
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
jamie1
Communicator
03-22-2023
09:52 AM
I also noticed an error: (Eventtype 'bd_Authentication-audit' does not exist or is disabled).
