Splunk Enterprise Security

Anyone using F5 GTM's and using the logs for anything?

Explorer

We have an idea to use the logs from these systems for DDOS detections. Was wondering if anyone has props\transfers that will parse\normalize\model them?

0 Karma

SplunkTrust
SplunkTrust

There is an F5 app in Splunkbase that we've used before at several clients, iirc.

0 Karma

Explorer

I didnt see anything that addressed the GTM though. Did I miss it?

0 Karma

Explorer

well I missed this: https://splunkbase.splunk.com/app/2680/

Will check this out.

0 Karma
Don’t Miss Global Splunk
User Groups Week!

Free LIVE events worldwide 2/8-2/12
Connect, learn, and collect rad prizes
and swag!