Splunk Enterprise

Capture_hostname

Pantman
Observer

I used the query index="botsv2" Amber. I found a capture_hostname: matar 

Pantman_0-1701263405965.pngPantman_1-1701263418745.png

 

Which e-mail seems to be linked to "matar"?

 

And who sends the person attach to the "feed" email to?

 

This is from https://github.com/splunk/botsv2

 

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

March Community Office Hours Security Series Uncovered!

Hello Splunk Community! In March, Splunk Community Office Hours spotlighted our fabulous Splunk Threat ...