Splunk Search

intrusion/ips

hyahmadi
Explorer

Hello,
How can I find intrusion attempts by searching IPS logs in Splunk?
Any advice on how to better approach the problem would be greatly appreciated.
Thanks


MuS
SplunkTrust

Or like @alacercogitatus would say:

Traveling, as oft I'm inclined to do here in the lands of Broadality, I've routinely been the victim, nay, the fool of many a disagreeable happenstance. Recalling, as I will in my hours of twilight, a specific time. Caravanning with mine family, more than a fortnight from home, we happened upon the establishment of one Mr. Ibra. A young old man of about 75, invited us to dine and rest within his Tavern. Suffice it to say, we were much inclined, having been wearied by the road. Upon waking the following morn, we discovered, much to our chagrin, our horses and coach had been stolen (robbed). Slowly our minds recalled the evening prior, and learned of the malice and trickery that was our host. We asked a passer-by, more than one, but not one soul had heard the name Mr. Ibra. He had vanished. In his supposed room lay only a few articles of cloth, and some dust from the beginning of time. But wait! Rejoice! Here lay a rock! A clue! A means to our renewed veneration! "Quick!" we shouted, "follow his trail!", for the rock was an outlier, a piece of the puzzle! We hurdled over logs, and trails, and caches of treasures so rich with nothing on our minds except vengeance. Suddenly, upon the path of our newest enlightenment, we halt, confused. Stretching, there in vast adornment, were the Caves of Splunktonia. Wondrous! Stupendous! ... Here must our story end. For it is not for me to decide for the reader, nay, the reader must decide upon the path to action. For one soul heads down one cave, the other, another. I shall leave you to your own devices, but know this: Doth ye the knowledge seek? Therefore then you shall find the meek, but not unto your own, for only with the constant hone, of learned ways of Brothel's stone, the information will appear, and justice will be swift and near.

Ayn
Legend

This is way too vague and broad a question to answer properly.
