Greetings...
We are currently using ES and ingesting data from our IDS and AV to populate the Malware DataModel.
According to the documentation:
https://docs.splunk.com/Documentation/CIM/4.13...
We are using ES with a datamodel that has the base constraint:
(`cim_Malware_indexes`) tag=malware tag=attack
This drives correlation searches like: Endpoint - Recurring Malware I...
Hi all. I have Symantec Endpoint Protection Manager and am troubleshooting the Splunk Malware Datamodel. I am trying to determine what exactly constitutes an event as malware. I've already g...
Hi Expert, I have a question about this issue. What methods do you use to detect malware? Does it have anything to do with SVM or machine learning? Please help me answer this q...
I am using the Infosec App but I am not getting any malware information.
I am getting events from Sophos Central and these are searchable etc.
I have set the cim_malware_indexes to search the s...
When we try to connect with a Google subject, the computer redirects to some other home page for some products we have no interest in, no matter how many times we return to Google and try another con...