GitHub

analystbackpack/splunk-lab-orb

This project lets you stand up a Splunk instance in Docker on a quick and dirty basis. But what is Splunk? Splunk is a platform for big data collection and analytics. You feed your events from syslog, ...
GitHub

Brute-Force Detection in Windows with Splunk (MITRE ATT&CK T1110)

This repository contains a lab and detection pipeline for simulating brute-force attacks (MITRE ATT&CK T1110) against a Windows Server and analyzing Windows security events in Splunk. The project ...