SSL Secured

Ingest logs into Splunk using TLS

In today’s digital world, organizations are generating massive amounts of log data that contain valuable insights into their systems, applications, and networks. Splunk is a popular platform that helps organizations analyze and visualize this log data to gain insights and improve their operations. Today we are going to discuss ingesting syslog from FireEye HX Cloud…

Splunk Threat Activity Detected

Splunk local threat intel

Why yet another Splunk local threat intel article? Obviously, there are many excellent articles: Unlike other articles, we mainly focus on common operational issues of Splunk local threat intel usage including: Before we start to discuss those operational issues, let’s explore the workflow of the threat intelligence framework. Basically, it consists of 4 phases: Threat…