I need your support on how I can create Splunk SIEM rules to detect future attack as requested to this below link:
Your help will be most appreciated, thanks in advance!
Thank you so much for your prompt response @richgalloway.
May you guide me please or is there another link that shows step by step how I could do it ... I've read it but it's too more complex for me to understand, Kindly help and guide me step by step if possible.
Thank you again.
I do not have steps for this. The blog and the links within it are good references, but this topic is not for newbies/noobs/n00bs. Read through the blog postings and write your own steps as you go.
I'm assuming, of course, that you have Solarwinds data indexed in Splunk already. If you don't then step #1 is to onboard that data.