IT & IoT Security | Cloud | It's all about the life itself

Greetings, I was trying to add the universal forwarder the deployment server IP and got the error below. To overcome it I followed the steps below. Navigate to C:\Program Files\SplunkUniversalForwarder\etc\system\local

Greetings everyone, Here I would like to cover basics of another cool app which you can have with your current Splunk Enterprise license. It is Splunk App for Infrastructure –

Hi folks, Wouldn’t it be good to leverage the Website Monitoring app in order the monitor web urls? Here is the app link: https://splunkbase.splunk.com/app/1493/ Download + install phases take ~5

Hello folks, In my lab environment which is Splunk Enterprise 8.x , I installed Enterprise Security app successfully but got errors when configuring it. The error log was full of

Here is a customized sample universal forwarder inputs.conf file stanzas. C:\Program Files\SplunkUniversalForwarder\etc\apps\SplunkUniversalForwarder\local\inputs.conf You can also add new file(s) to monitor.

I assume you have installed and have completed the initial configuration of phantom and have noted the access token. Login to Splunk web UI. (Splunk Enterprise web ui is different

Once you have login to web UI, you will be guided to initial configuration like data source selection(in my lab environment data source is Splunk Enterprise). You can choose more

Hi all, I assume that you have spun up a CentOS 7 VM , a valid Phantom account(you can register it https://my.phantom.us/ ) , running Splunk instance and running Active

Hi all, I assume you have a valid Splunk account (you can register on splunk.com) , have virtualbox(or a similar hyervisor) or have valid Azure/AWs/GCP subscription where you can spin

Hi all, It is seriously cool feature to have bash on Windows 10. Lastly I harnessed that feature to generate ssh key for my Linux VM’s. You can enable it