Splunk Search

Trending of Login Failures to establish a baseline of processing normalcy.

splunkit2010
Explorer

Hello. What is the best way to trend login failures. Would like to create a baseline of processing normalcy over a two week period. Also, how would we retain this information for future comparisons? Thanks.

Tags (1)
0 Karma

richcollier
Path Finder

The Prelert Anomaly Detective app uses machine-learning algorithms to automatically learn the baseline rates of your events and uses that information to detect anomalies in current data. It can auto-learn the base line in 3 modes:

  • over a wide search period that you define
  • comparing two discrete time periods against each other
  • ongoing in real-time

Sounds like it would be useful for your use-case!

0 Karma

efavreau
Motivator

Page produces a 404. Is there nothing in core splunk?

###

If this reply helps you, an upvote would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...