HI all,

Anyone out there had any benefit from the free Threat intel List in Splunk ES? Its causing alot of noise, I am not sure about the accuracy. Please shed some light someone?

alexa_top_one_million_sites

cisco_top_one_million_sites

emerging_threats_compromised_ip_blocklist

emerging_threats_ip_blocklist

hailataxii_malware

iblocklist_logmein

iblocklist_piratebay

iblocklist_proxy

iblocklist_rapidshare

iblocklist_spyware

iblocklist_tor

iblocklist_web_attacker

icann_top_level_domain_list

local_certificate_intel

local_domain_intel

local_email_intel

local_file_intel

local_http_intel

local_ip_intel

local_process_intel

local_registry_intel

local_service_intel

local_user_intel

malware_domains threatlist_domain

maxmind_geoip_asn_ipv4

maxmind_geoip_asn_ipv6

mozilla_public_suffix_list

phishtank

sans

zeus_bad_ip_blocklist

zeus_standard_ip_blocklist