https://github.com/inodee/threathunting-spl

Splunk code (SPL) for serious threat hunters and detection engineers.
https://github.com/inodee/threathunting-spl

rules siem spl splunk threat-hunting use-case

Last synced: 3 months ago
JSON representation

Splunk code (SPL) for serious threat hunters and detection engineers.

Host: GitHub
URL: https://github.com/inodee/threathunting-spl
Owner: inodee
Created: 2017-06-22T20:23:13.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2024-01-15T16:42:40.000Z (almost 2 years ago)
Last Synced: 2025-01-26T20:46:48.074Z (11 months ago)
Topics: rules, siem, spl, splunk, threat-hunting, use-case
Homepage:
Size: 8.47 MB
Stars: 269
Watchers: 25
Forks: 41
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# threathunting-spl
This is a repository to store Splunk code (SPL) and prototypes useful for building rules (correlation searches) and queries to find and hunt for malicious activity.
## About
Feel free to contribute and share your feedbak in case you find it useful. For more Splunk (and Security) related stuff also check the following :
* https://spl.ninja
* https://medium.com/@ateixei

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/inodee/threathunting-spl

Awesome Lists containing this project

README