Pinned. Published in Seynur. Risk-Based Alerting (RBA) with Splunk Enterprise Security. Alert fatigue and false-positive results are the most common problems in a Security Operation Center (SOC) environment. The correlation… Apr 1, 2022

Pinned. Published in Seynur. Splunk Data Models & CIM. In this post, you will find out what Splunk data models and CIM (Common Information Model) are and why they hold that much importance. Jan 4, 2021

Published in Seynur. Creating Custom Entity Type with Splunk IT Essentials Work. Splunk IT Essentials Work correlates logs and metrics for each entity and helps you to monitor your infrastructure. It is free, and it… Sep 26, 2022

Published in Seynur. Converting Event Logs into Metrics in Splunk. As well as collecting event logs, metrics data can be ingested into Splunk. There are a few ways to ingest metrics data; Splunk has already… Aug 26, 2022

Published in Seynur. Restoring Archived Data with Splunk. Data retention policies help to manage organizations' big data. Since the amount of data collected today is tremendous, establishing a… Nov 1, 2021

Published in Seynur. Syslog Data Collection (SC4S) for Splunk and Custom Inputs. As per Splunk Validated Architectures, Splunk Connect for Syslog (SC4S) is the current best practice recommendation to collect syslog data… Jan 26, 2021