Using Splunk as an Offensive Security Tool

It’s important for both offensive and defensive security professionals to be aware of the attack vectors facing a Splunk deployment. This tutorial will show you some ways Splunk can be used as an offensive tool and the steps you can take to reduce the associated risks.

Identifying Splunk Search Duplicates with jellyfish and Jaro-Winkler

Managing Splunk across several search heads can be a challenge. Part of this is an issue that can easily go unseen...

How to Set Custom Time Range Presets in Splunk

If you need to run Splunk searches over a specific time range, this tutorial by Tom Kopchak will show you how to...

What the HEC: AWS WAF Logs

  • Nov 26, 2019

In this tutorial you will learn how to set up AWS and Splunk to get AWS WAF logs, and how to design your HEC setup...

Windows Event Log Filtering & Design in Splunk

Are you suffering from too much (or too little) Windows event data in your Splunk environment? This post will teach you...

How to Deploy Splunk SmartStore

Splunk SmartStore is a fundamental change in how Splunk stores data, allowing the use of an S3 compliant object store to...

Splunk Certificates: Master Guide

Many of the administrative tasks surrounding Splunk certificates are confusing and lack helpful step-by-step...
