Hi,
I use SplunkEnterpriseSecurity with ThreatIntelligence framework.
Splunk creates many notables 'Threat Activity Detected' but I'd like to add/remove/edit source types.
I have only e...
...alware Domains threatlist is not supportedinEnterprisesecurity version 6.5.0 or higher.
Is it any kind of lookup definition as mentioned in below link?
https://c...
Hi,
We have upgraded EnterpriseSecurity from 4.5.2. to 4.7.1. After the upgrade we are getting two typesof error message in our environment.
Type 1:
msg="A script exited abnormally" in...
Hi Splunkers,
We have an indicator of a phishing source from email headers - a PC name. We need to add it to a ThreatIntel collection for ES.
I did not find an appropriate one to use. Should w...
Hi,
Is there a way or any direct link form where i can download all the sessions ofSplunk 2016 which is available at the below link?
https://conf.splunk.com/sessions/2016-sessions.html
I k...