GitHub

Splunk SOC Lab — Log Analysis, Detection Engineering & Alerting

Purpose: Build a SOC-style environment ingesting Windows (Sysmon + Event Logs) and Linux logs into Splunk. Create detections, dashboards and playbooks mapped to MITRE ATT&CK. Ubuntu VM: Splunk ...
IT News For Australia Business

Critical Splunk bug propagates code execution

Splunk is warning of a critical vulnerability which endangers any endpoint subscribed to a Splunk deployment server. As the company explains here, Universal Forwarders are modules that collect client ...
heise online

Splunk Security Patches: Unauthorized Access Possible

If attackers successfully exploit security vulnerabilities in Splunk Enterprise, Universal Forwarder, or Secure Gateway App, they can gain access to system areas that are normally inaccessible, among ...