Splunk Enterprise Security

hunting guide pdf documentation missing

jolinchew
New Member

I try to find PDF documentation for Cyber-security hunting guide, I try below documentation link:

https://docs.splunk.com/Documentation/ES and https://docs.splunk.com/Documentation/Splunk

but no hunting guide, is there other place I can find, thanks

0 Karma

DavidHourani
Super Champion

Hi @jolinchew,

Are you looking for something like this :
https://www.splunk.com/blog/2017/07/06/hunting-with-splunk-the-basics.html
And this :
https://www.slideshare.net/Splunk/threat-hunting-with-splunk-76027177

There's a lot of resources online including youtube videos and lots of blog posts around that subject !

Cheers,
David

0 Karma

smoir_splunk
Splunk Employee
Splunk Employee

Hi @jolinchew, there is a use case manual for ES, but nothing that is specifically a "cybersecurity hunting guide"

0 Karma

jolinchew
New Member

There is a PDF provided by splunk, which provide various splunk query to identify directory listing, CSRF, stored xss, reflective xss, sql injection, ransomware.... I will provide version number and detailed file name. this can't be found in current splunk website

not html or ppt, the PDF is quite long, with more than 100 pages

0 Karma
Get Updates on the Splunk Community!

Leveraging Detections from the Splunk Threat Research Team & Cisco Talos

  Now On Demand  Stay ahead of today’s evolving threats with the combined power of the Splunk Threat Research ...

New in Splunk Observability Cloud: Automated Archiving for Unused Metrics

Automated Archival is a new capability within Metrics Management; which is a robust usage & cost optimization ...

Calling All Security Pros: Ready to Race Through Boston?

Hey Splunkers, .conf25 is heading to Boston and we’re kicking things off with something bold, competitive, and ...