Why You Should Never Use Leading Wildcards in Splunk Searches

This tutorial demonstrates the importance of proper wildcard use in Splunk searches and how simple changes significantly reduce the amount of time searches take to run.

Threat Hunting with Splunk: Part 1, Intro to Process Creation Logs

This tutorial helps you know where to start finding anomalous activity through the examination of process creation logs...

How to Set up Splunk HEC the Smart Way

This tutorial will show you how to test and troubleshoot a Splunk HTTP Event Collector (HEC) configuration....

How to Use the 2019 CPTC Security Dataset in Splunk

This tutorial will walk you through the process of importing the 2019 CPTC data into your own Splunk instance....

Identifying Splunk Search Duplicates with jellyfish and Jaro-Winkler

Managing Splunk across several search heads can be a challenge. Part of this is an issue that can easily go unseen...

How to Set Custom Time Range Presets in Splunk

If you need to run Splunk searches over a specific time range, this tutorial by Tom Kopchak will show you how to...

What the HEC: AWS WAF Logs

  • Nov 26, 2019

In this tutorial you will learn how to set up AWS and Splunk to get AWS WAF logs, and how to design your HEC setup...
