Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

detect web application vulnerabilities

szone
Engager
‎08-16-2021 08:27 AM

hi

I want to detect web vulnerabilities for example "XSS" or " SQLI" with splunk. for this target i collect apache log into my splunk server. and till now I find match string with signature based rule for detect them and its implement with Regex in search app of splunk. so my question is there any other way to detect this vulnerabilities without app or with app (ex :Splunk Enterprise Security)?

thanks!

0 Karma
Reply

m_pham
Splunk Employee
Splunk Employee
‎08-16-2021 01:14 PM

Looks like you want scheduled searches - tweak as needed for your alert actions.

https://docs.splunk.com/Documentation/Splunk/latest/Search/Schedulingsearches

0 Karma
Reply

szone
Engager
‎08-17-2021 12:12 AM

thanks, but i have to write a app for detecting XSS attack with splunk.
can you help for it?

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...