Splunk Search

Can anyone help me determine if this is a threat to my system?


Trying to determine and get spun up on a lot of the terminology in splunk. So I have some events that I was lucky to find in the logs, potentially their source is threatening as an exploit. Can anyone help clarify what is going on with them? Much thanks!

See screenshot: http://i.imgur.com/0f4ZQca.png

Tags (1)
0 Karma


This looks like a bot probing for vulnerabilities. For more information: http://forum.joomla.org/viewtopic.php?f=432&t=740054

If you have a Joomla site, make sure it is updated.

0 Karma

Splunk Employee
Splunk Employee

Szethius - unfortunately we can't help you with determining what is a threat and what isn't a threat. If you're really concerned, you pretty much have two options. You can contact a professional security person to review your logs. The other option is to start Googling those log entries.



That IP address is registered in Turkey....... mmmmm... turkey.....

Get Updates on the Splunk Community!

Observability | How to Think About Instrumentation Overhead (White Paper)

Novice observability practitioners are often overly obsessed with performance. They might approach ...

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

IDC Report: Enterprises Gain Higher Efficiency and Resiliency With Migration to Cloud  Today many enterprises ...

The Great Resilience Quest: 10th Leaderboard Update

The tenth leaderboard update (11.23-12.05) for The Great Resilience Quest is out >> As our brave ...