ethansilvas / splunk-logs-and-investigations

Investigating attacks using Splunk Enterprise logs and creating SPL intrusion detection searches based on known attacker TTPs and anomalous behavior derived from statistical baselines.
15 · Updated last year

Related projects

Alternatives and complementary repositories for splunk-logs-and-investigations