Hello,
This article, https://research.splunk.com/stories/log4shell_cve-2021-44228/ , lists many log4j attack vectors and how Splunk can help detect them. This includes what datamodels to implement/use and the SPL. However, the SPL includes various macros. And these macros do not exist on my Splunk implementation. Where do I find these macros?
Thanks and God bless,
Genesius
Hi @genesiusj
Do you have Enterprise Security installed on your Splunk instance?