This series will help you as you’re working with the Splunk Universal Forwarder (UF). There are a variety of reasons you may not want the universal forwarder running on your machine anymore and, in this portion of the series, Tom will walk you through how to uninstall the Splunk UF. This can help reduce the likelihood of configuration conflicts if you’re migrating to a new Splunk environment.

Read more...




Put a system on the Internet and the Internet will try to log into it for you. This tutorial shows you how to build an SSH honeypot, and capture and analyze the data (including usernames, passwords, and IP addresses) in a Splunk installation.

Read more...

Combining Splunk alerting, Webooks, and an external tool allows an extra degree of flexibility beyond what is available out of the box. This tutorial walks you through a basic example of how to use the data from Splunk to power a custom alert action. Use this as a baseline for developing more advanced alerting processes.

Read more...


Close off Canvas Menu