Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can anyone help me determine if this is a threat to my system?

Szethius
Explorer
‎04-19-2013 04:03 AM

Trying to determine and get spun up on a lot of the terminology in splunk. So I have some events that I was lucky to find in the logs, potentially their source is threatening as an exploit. Can anyone help clarify what is going on with them? Much thanks!

See screenshot: http://i.imgur.com/0f4ZQca.png

Tags (1)
0 Karma
Reply

bigtyma
Communicator
‎04-19-2013 12:20 PM

This looks like a bot probing for vulnerabilities. For more information: http://forum.joomla.org/viewtopic.php?f=432&t=740054

If you have a Joomla site, make sure it is updated.

0 Karma
Reply

bosburn_splunk
Splunk Employee
Splunk Employee
‎04-19-2013 05:47 AM

Szethius - unfortunately we can't help you with determining what is a threat and what isn't a threat. If you're really concerned, you pretty much have two options. You can contact a professional security person to review your logs. The other option is to start Googling those log entries.

Brian

Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎04-19-2013 05:51 AM

That IP address is registered in Turkey....... mmmmm... turkey.....

Reply
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...