Splunk Server Attack: Reviewing The Logs

“When first accessing to a new Splunk implementation, I always want to poke around and review the information that’s already being indexed within the environment. I familiarize myself with the naming conventions, number of systems, and possibly valid usernames and/or passwords.”
-Ryan, TBG Security‘s Director of Security Engineering

 

Get In Touch

Have a question? We’re here to help.

Contact Us