Splunk Enterprise Security

IS IIS and Apache logs of any use in enterprise security


I was looking at our enterprise security and wondering weather IIS or apache logs are playing any significant role in the application. There are a few GB's of logs available. So if brought in will it form part of any of the prebuilt panels or do i have to write my own queries in respect to ES.

0 Karma
Get Updates on the Splunk Community!

There's No Place Like Chrome and the Splunk Platform

Watch On DemandMalware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

The Great Resilience Quest: 5th Leaderboard Update

The fifth leaderboard update for The Great Resilience Quest is out >> 🏆 Check out the ...

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...