Splunk Enterprise Security

Where do I find the macro "src_dest_tracker" listed in a Corr. search in ES to detect Spyware activity?

SamHTexas
Builder

This posting did not let me share the search string due to it containing HTML code etc. Any advice is appreciated. Thank u 

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Deprecation of Splunk Observability Kubernetes “Classic Navigator” UI starting ...

Access to Splunk Observability Kubernetes “Classic Navigator” UI will no longer be available starting January ...