Powered By TEKGENX CONSULTING
Views: 26Splunk Cheat Sheet Query to identify failed login attempts: Query to identify privilege escalation attempts: Query to identify failed SSH attempts: Query to identify successful SSH attempts: Query to identify unusual network traffic: Query to identify suspicious processes: Query to identify brute force attacks: Query to identify privilege escalation attempts on Windows systems: Query … Read more
Views: 14Splunk Components Splunk Forwarder Splunk Forwarder is a lightweight agent installed on the endpoint intended to be monitored, and its main task is to collect the data and send it to the Splunk instance. Splunk Indexer Splunk Indexer plays the main role in processing the data it receives from forwarders. It takes the data, normalizes … Read more
Views: 43Here are some examples of Suricata rules that can be used to detect web application attacks: 1. SQL Injection: 2. Cross-Site Scripting (XSS): 3. Remote File Inclusion (RFI): 4. Local File Inclusion (LFI): 5. Command Injection: 6. Server-Side Request Forgery (SSRF): These are just a few examples, and you can modify or create additional … Read more