Hello,
I am helping a client of mine monitor the network for malware or hackers, and we are looking to build SPL to monitor command and control beacon traffic. I searched the forum but did not find much info. Any help would be great.
Hello, I found this GitHub:
https://github.com/corelight/Dashboards-Splunk-DNS-Hunting-Beaconing/tree/master