I am relatively new to Splunk as it is really used. My previous usage has all been ad hoc when it was made available to me for log analysis after an "event". That usage was mostly the equivalent of egrep + regular expressions. Splunk and I got the job done. I am finally in a place where all the features of Splunk are being ( or are intended to be ) used. I am being asked if Splunk can function as a web application security testing tool - ala BurpSuite or ZAP or Nikto or the like. My take is no - that Splunk can perform analysis functions after the fact that can potentially reveal and alert on web application security issues - but it is not a substitute for dedicated tools of the sort previously mentioned. Have I got this right? Thanks!
... View more