Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Useful security searches

robK123
Explorer
‎11-23-2012 06:23 AM

I am new to Splunk and am learning all about it, I was hoping you guys would be able to give me some examples of how I can use Splunk from a security prescriptive, I have already created searches for login failures but what else can Splunk do from a security point of view?

Thanks,

Tags (1)
0 Karma
Reply

sd23c109
Explorer
‎11-24-2012 08:30 PM

Too numerous to cover them all, but the things I have seen are:

1) Using "transactions" to find abnormal behavior over a period of time (check out search reference guide to see what I mean).
2) Finding correlations across multiple log files (my syslog says this, my checkpoint FW said that, and I got my IDS telling me this....so this is what is going on).
3) Creating alerts and notifications that send emails or even log messages to your NOC.

The key is to pump data into Splunk and let it "learn" what you put in there. It will tell you things you never knew.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...