Splunk Splunk produces software for searching, monitoring, and analyzing machine-generated big data, via a Web-style interface

The latest update for #Splunk includes "Beyond the #DataLake: Leading Cross-Domain Operational Intelligence" and "From Data Chaos to Results: The New Data Strategy for the Agentic Era".

#monitoring #logging https://opsmtrs.com/2BWVlMc

Splunk 2 TryHackMe Writeup (Part 2) — BOTS v2 SOC Investigation (300 & 400 Series) Advanced Threat Investigation Using Splunk (BOTS v2 Dataset)

Just published the second part of TryHackMe Splunk 2 (Bots v2). A hands-on SOC workflow covering:

• Ransomware
• Malware execution
• C2 traffic
• Persistence analysis

#CyberSecurity #SOCAnalyst #Splunk #SIEM

This clip makes a practical point: teams should not have to abandon the tools they already trust in order to get more out of their data.

Hydrolix fits into that better-together conversation well.

#Hydrolix #Observability #Splunk #Datadog

GitHub - TensionFund/splunk-threat-hunt-botsv1 Contribute to TensionFund/splunk-threat-hunt-botsv1 development by creating an account on GitHub.

14 days later → Cerber ransomware.

Full hunt + IR report + every SPL query:
github.com/TensionFund/...

#cybersecurity #threathunting #splunk #infosec

デジタルレジリエンス実現へ、CISOの役割が進化するAIの活用 最新のSplunkレポートでは、CISOがAI時代にどのような課題と向き合っているのか、デジタルレジリエンスを高める取り組みが明らかに。セキュリティの未来を探ります。

デジタルレジリエンス実現へ、CISOの役割が進化するAIの活用 #Splunk #エージェンティックAI #CISOレポート

最新のSplunkレポートでは、CISOがAI時代にどのような課題と向き合っているのか、デジタルレジリエンスを高める取り組みが明らかに。セキュリティの未来を探ります。

Sometimes you get things where you least expected.

While investigating the breached dataset in #splunk, I encountered this EventID, which at first looks completely noisy, but as soon as I pivoted to its ProcessGuid, I found a complete attack chain.

Writing this up for Part 2 on Monday. Part 1👇👇

Awakari App

Hunting APT29 in 196,071 Logs: What I Found in EventID 1 This is Part 1 of an ongoing series where I work through the MITRE ATT&CK Evaluations APT29 dataset in Splunk. No vendor tools. No short...

#splunk #medium #cybersecurity #detection-engineering #infosec

Origin | Interest | Match

Zero-Downtime Splunk Migration at inDrive: From Bare Metal to AWS SmartStore

How to migrate Splunk to AWS SmartStore with zero downtime using hybrid architecture, S3 storage, and multi-cluster search. #splunk

Hunted through 196,071 APT29 logs in #Splunk. Process creation had 449 events. Memory access had 39,286. APT29 was nearly invisible at the layer most detections watch.

Still working through the lateral movement and credential access layers. Link is in comments.
#substack #Cybersecurity #bsky #APT29

Splunk 2 TryHackMe Writeup (Part 1) — BOTS v2 SOC Investigation (100 & 200 Series) Practical Log Analysis from the Boss of the SOC (BOTS v2) Dataset

My new post on my TryHackMe Splunk 2 (Bots v2) investigation covers:

• Data collection & filtering
• Deep-dive into raw event logs
• Pattern recognition & correlation
• Identifying phishing & exfiltration activity

A practical look at real SOC investigation workflows.

#InfoSec #BlueTeam #Splunk

Manish (@manishrawat21) A Non-Admin User Executed Malware in Under 1 Second. My SIEM Fired Zero Alerts. Here's the Full Log. 37 real Sysmon events. One complete DLL hijacking attack. This is what it actually looks like. In...

Just uploaded the 2nd Part of DLL Hijacking on #Substack

Where I analyzed real malware logs and discovered why non-admin users can execute code without triggering a single alert.

Link: substack.com/@manishrawat...

#Infosec #Detection #ThreatHunting #Splunk #Cybersecurity

Splunk Splunk produces software for searching, monitoring, and analyzing machine-generated big data, via a Web-style interface

The latest update for #Splunk includes "From Data Chaos to Results: The New Data Strategy for the Agentic Era" and "Unleashing Resilience: Why the Agentic Era Demands a Unified Data Fabric".

#monitoring #logging https://opsmtrs.com/2BWVlMc

ok vi ska tydligen byta ut splunk mot victorialogs på jobbet

#splunk #victorialogs #softwareEngineering

Critical #Splunk vulnerability (CVE-2026-20163) allows remote command execution. Update to the latest version or adjust user privileges to mitigate risk. #CyberSecurity #InfoSec #RCE Link: thedailytechfeed.com/critical-fla...

Splunk Splunk produces software for searching, monitoring, and analyzing machine-generated big data, via a Web-style interface

The latest update for #Splunk includes "Unleashing Resilience: Why the Agentic Era Demands a Unified Data Fabric" and "Powering Security Innovation: Executive Q&A on Splunk Joining #AWS Security Hub Extended".

#monitoring #logging https://opsmtrs.com/2BWVlMc

Investigating Malicious Activity with Sysmon and Splunk — TryHackMe New Hire Old Artifacts Writeup A practical SOC-style investigation walkthrough using Windows telemetry to identify attacker activity and defense evasion techniques.

🕵️ Investigating malicious activity with Sysmon & Splunk

I just published a hands-on walkthrough of the TryHackMe New Hire Old Artifacts challenge where I:
• Hunt suspicious binaries
• Trace attacker activity
• Detect system modifications

#CyberSecurity #SOCAnalyst #Splunk #Sysmon #ThreatHunting

TekStream to Reveal Insights on Cybersecurity Resilience at Splunk Go, Austin TekStream will present crucial insights at Splunk Go Austin on March 11, focusing on enhancing cybersecurity through improved strategies and AI integration.

TekStream to Reveal Insights on Cybersecurity Resilience at Splunk Go, Austin #United_States #Austin #Splunk #TekStream #AI_Resilience

日立ソリューションズ・クリエイトが新型UXダッシュボード「デザイナーズダッシュボード」を発表 日立ソリューションズ・クリエイトが、「デザイナーズダッシュボード for Splunk」を2026年から提供開始。企業向けにセキュリティ対策を強化するサービスです。

日立ソリューションズ・クリエイトが新型UXダッシュボード「デザイナーズダッシュボード」を発表 #東京都 #品川区 #日立ソリューションズ #Splunk #デザイナーズダッシュボード

日立ソリューションズ・クリエイトが、「デザイナーズダッシュボード for Splunk」を2026年から提供開始。企業向けにセキュリティ対策を強化するサービスです。

Splunk Splunk produces software for searching, monitoring, and analyzing machine-generated big data, via a Web-style interface

The latest update for #Splunk includes "Powering Security Innovation: Executive Q&A on Splunk Joining #AWS Security Hub Extended".

#monitoring #logging https://opsmtrs.com/2BWVlMc

How I Built a Splunk Homelab for Splunk Certified Core User (SPLK-1001) — Installation, SPL Queries… A step-by-step hands-on lab to practice Windows log ingestion, SPL commands, reporting and dashboard creation using Splunk Enterprise

🔧 Ready to build your own Splunk Homelab? I just posted a detailed guide on setting up a practice lab for the SPLK-1001 certification! SPL commands and dashboard practice with step-by-step instructions.

medium.com/@citadelcybe...

#Splunk #SPLK1001 #Cybersecurity #Infosec #SplunkCertified #Homelab

Original post on helpnetsecurity.com

The CISO role keeps getting heavier Personal liability is becoming a routine part of the CISO job. In Splunk’s 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said th...

#News #Artificial #intelligence #burnout #CISO […]

[Original post on helpnetsecurity.com]

Agentic AI powers CISO accountability and mandate in AI era, says latest Splunk report Splunk’s 2026 CISO Report reveals rising accountability, AI-driven resilience, and the expanding strategic r...

#Interviews #News #Agentic #AI #Splunk

Origin | Interest | Match

#Ableversity #Splunk #Memes

Critical vulnerability in Splunk Enterprise for Windows (CVE-2026-20140) allows SYSTEM-level access via DLL hijacking. Update to patched versions immediately! #CyberSecurity #Splunk #Vulnerability Link: thedailytechfeed.com/critical-vul...

Critical vulnerability in Splunk Enterprise for Windows (CVE-2026-20140) allows SYSTEM-level access via DLL hijacking. Update to patched versions immediately! #CyberSecurity #Splunk #Vulnerability Link: thedailytechfeed.com/splunk-enter...

#Ableversity #Splunk #Memes

Critical #vulnerability in #Splunk Enterprise for Windows allows SYSTEM-level access via DLL hijacking. Update to patched versions immediately to secure your systems. #CyberSecurity #InfoSec Link: thedailytechfeed.com/critical-spl...

Splunk Enterprise 10.2 (macOS, Linux, Windows) - 搜索、分析和可视化，数据全面洞察平台 - sysin | 软件与技术分享 | SYStem INside Splunk Enterprise 10.2 (macOS, Linux, Windows) - 搜索、分析和可视化，数据全面洞察平台 - sysin | 软件与技术分享 | SYStem INside

Splunk Enterprise 10.2 (macOS, Linux, Windows) - 搜索、分析和可视化，数据全面洞察平台 请访问原文链接： Splunk Enterprise 10.2 (macOS, Linux, Windows) - 搜索、分析和...

#HTTP #Security #SIEM #Splunk

Origin | Interest | Match

How I Discovered a Critical Security Gap in Our HashiCorp Vault - And What It Taught Me About Policy Design The Day I Found a Security Hole in Our Vault Setup The "Oh Shit" Moment I was writing a Python script...

How I Discovered a Critical Security Gap in Our HashiCorp Vault - And What It Taught Me About Policy Design The Day I Found a Security Hole in Our Vault Setup The "Oh Shit" Moment I was wri...

#hashicorp #vault #python #splunk

Origin | Interest | Match

Three-quarters of UK IT teams suffer outages due to missing critical alerts Confronted with issues like tool sprawl and excessive alerts, UK teams report higher-than-average rates of alert fatigue and burnout.

Three-quarters (75%) of UK IT teams say they've experienced outages as a result of missing alerts in 2025, according to research from #Splunk.

#monitoring #logging https://opsmtrs.com/4q7ot5J