One of the advantages of Splunk is the possibility to customize pretty much anything in terms of UI/Workflow. Below is one example on how to make dynamic drilldown searches based on the output of aggregated results (post-stats). Even though Enterprise Security (ES) comes with built-in correlation searches (rules), some mature/eager users leverage Splunk’s development appeal…
Category: Splunk
Honing in on the Homeless – the Splunkish way
Have you noticed Splunk just released a new version, including new data visualizations? I had been eager to start playing with one of the new charts when yesterday I came across a blog post by Bob Rudis, who is co-author of the Data-Driven Security book and a former member of Verizon’s DBIR team. In that…
Splunkers on Twitter
Below is a list of Splunk users I am following on Twitter, including Splunkers, partners and awesome users. Most of them are also into #Infosec. The list is not sorted in any particular order. Missing someone, maybe you?! Please feel free to contact me for adding more. In case you want to follow a list,…
My TOP 5 Security (and techie) talks from Splunk .conf 2015
If you are into security and didn’t have an opportunity to attend the Splunk conference in Las Vegas this year (maybe you were busy playing blackjack instead?), here’s what you cannot miss. The list is not sorted in any particular order and, whenever possible, entries include presenters’ Twitter handles as well as takeaways or comments…
