Hi Everyone
I'm having trouble with one of the alerts in Enterprise Security which is causing a lot of noise and false positives. I've tuned the correlation rule to where I want it, but the p...
...ownloaded free version of Splunk. Can I use it as a SIEM tool for learning purposes?
Are the Splunk Enterprise Security tool and the free version the same, i.e., can I use it to monitor threat logs?
Regards,
Pradeep
Hello, I'm just having a bit of difficulty differentiating between Splunk Enterprise, ITSI, SOAR, UBA, and Enterprise Security. It seems like they all do similar things. Do they a...
Some of my customers are using Splunk as their SIEM solution. I have a security platform that needs to integrate into their Splunk to send security events (probably syslog) into a certain index (m...
Hi all, We've configured a Forcepoint Next Generation Firewall (NGFW) to send data through its Security Management Center (SMC) after following this article: https://forcepoint.github.io/d...
I'm doing research inside of Splunk Enterprise Security, and I'm tagging events into the timeline. I've gone into the investigation and added my notes.
How do I export this data into a PDF or R...
Is there a document that simply and concisely compares the features of Splunk User Behavior Analytics (Splunk UBA) and Splunk Enterprise Security? I cannot find anything like that except for l...
Hi all
I am using Splunk Enterprise for security...
But I have a lot of extraneous data in Splunk at the moment. Looking through the dashboards I'm finding a lot of performance and o...
...Enterprise running on-prem as a single instance deployment with the InfoSec app, and I am preparing to deploy Universal Forwarders to a select group of systems that will send security-related e...
...rying to do two things right now, I have forwarders installed on my file servers and one of my domain controllers. The thing is, the documentation is not clear on what route I need to take to ingest file data...