Blogs

  • By Tony Sweet 20/05/2020

    Supporting Add On for MITRE – SA-mitre: This app provides a method to ingest MITRE ATT&CK tactics, techniques, and sub-techniques into Splunk events. The app contains a mitre_techniques KV

  • By Tony Sweet 14/01/2020

    Overview: Shifting from a use-case approach to a risk-based approach requires a shift in mindset about how some features are used. This install guide assumes you already have Enterprise Security and have

  • You have probably heard of the Splunk datetime recognition issues that start on 1 January 2020. Below are visual representations, as regexes, of the date formats that are impacted. You will have to change datetime

  • If you want to install Splunk on CentOS 7, we have a checklist that'll get you going super fast. You might already be familiar with Splunk and its features, so we'll jump right into the CentO

  • By Bitsioinc 06/07/2019

    Decoding Indexes.conf: The indexes.conf configuration file is used to manage and configure index settings. Use the [default] stanza to define any global settings and an [<index>] stanza to define index
