Alerting

Does Splunk have any documentation that shows some pre-created rules?

frideke2022
New Member
I would like to know if Splunk has any documentation that shows some pre-created rules, like those of Elastic, for example.

Below is the reference:

https://www.elastic.co/guide/en/security/current/prebuilt-rules.html

I want to create some rules for firewall, antivirus and Office 365.

Thanks

 


PickleRick
SplunkTrust

https://github.com/splunk/security_content

You might also want to check out the Security Essentials app - https://splunkbase.splunk.com/app/3435/
