Splunk

Conti Threat Research Update and Detections

Jul 30, 2021 By Splunk Threat Research Team In Splunk

The Splunk Threat Research team has researched two of the current payloads involved in these heinous campaigns against healthcare and first responder organizations such as Conti & REvil. In the first blog, we explored the REvil ransomware group and in this blog, we will explore Conti.

Read Post

Splunk

Read more about Conti Threat Research Update and Detections

Splunk Machine Learning Toolkit Overview

Jul 30, 2021 By Splunk In Splunk

You no longer have to be a data scientist to bring intelligence to your Splunk data. The Machine Learning Toolkit (MLTK) availble for free on Splunkbase, is a purpose built tool that extends Splunk Processing Language (SPL) with machine learning algorithms, new commands, and powerful visualizations. This video provides a high-level overview of MLTK and preview the use-cases that it supports.

View Video

Splunk

Read more about Splunk Machine Learning Toolkit Overview

Splunk Mobile - Overview (in 60s)

Jul 30, 2021 By Splunk In Splunk

Splunk Mobile enables you to unlock value from your data anywhere at any time. Regardless of your role or level of technical expertise, you can use Splunk Mobile to view dashboards and take action from your mobile device. Whether you’re a C-suite executive looking for a report, a NOC manager investigating an issue, or a SOC analyst uncovering an anomaly, getting answers has never been more convenient with the power of Splunk in the palm of your hands. Splunk Mobile is made for all organizations and roles, including yours.

View Video

Splunk

Read more about Splunk Mobile - Overview (in 60s)

Splunk Mobile - Dashboards (in 60s)

Jul 30, 2021 By Splunk In Splunk

Making dashboards that look beautiful on Splunk Mobile is easy. If you’re already creating dashboards with the Splunk Web UI, then you already know how to build dashboards for Splunk Mobile. If you build a dashboard using the Classic Dashboard builder, it’s compatible with Splunk Mobile.

View Video

Splunk

Read more about Splunk Mobile - Dashboards (in 60s)

Splunk SOAR Feature Video: Custom Functions

Jul 27, 2021 By Splunk In Splunk

Splunk SOAR’s custom functions allow shareable custom code across playbooks and the introduction of complex data objects into the playbook execution path. These aren’t just out-of the-box playbooks, but out-of-the-box custom blocks that save you time and effort. This allows for centralized code management and version control of custom functions providing the building blocks for scaling your automation, even to those without coding capabilities.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Custom Functions

Splunk SOAR Feature Video: Contextual Action Launch

Jul 27, 2021 By Splunk In Splunk

Splunk SOAR apps have a parameter for action inputs and outputs called "contains". These are used to enable contextual actions in the Splunk SOAR user interface. A common example is the contains type "ip". This is a powerful feature that the platform provides, as it allows the user to chain the output of one action as input to another.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Contextual Action Launch

Splunk SOAR Feature Video: Investigation Command Line

Jul 27, 2021 By Splunk In Splunk

When you're on the Splunk SOAR investigation page, there are several ways to run actions. One of the easiest ones is to use the command line, down where you would write comments in the event. If you start off with a slash (/) you get prompting for the action you would like to choose.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Investigation Command Line

Splunk SOAR Feature Video: Create a Manual Event

Jul 27, 2021 By Splunk In Splunk

If you haven’t done anything on your Splunk SOAR instance yet you'll see zeros across the top in what we call the ROI summary. So how do you get started creating events in Splunk SOAR?

View Video

Splunk

Read more about Splunk SOAR Feature Video: Create a Manual Event

Splunk SOAR Feature Video: Configure Third Party Tools

Jul 27, 2021 By Splunk In Splunk

To get started in Splunk SOAR, you will need to configure an asset. Assets are the security and infrastructure assets that you integrate with the Splunk SOAR platform, like firewalls and endpoint products. Splunk SOAR connects to these assets through apps. Apps extend the platform by integrating third-party security products and tools.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Configure Third Party Tools

Splunk SOAR Feature Video: Install/Update Apps

Jul 27, 2021 By Splunk In Splunk

A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. We currently offer more than 350 premade apps that are accessible right now.

View Video

Splunk

Read more about Splunk SOAR Feature Video: Install/Update Apps

Operations | Monitoring | ITSM | DevOps | Cloud

Splunk

Conti Threat Research Update and Detections

Splunk Machine Learning Toolkit Overview

Splunk Mobile - Overview (in 60s)

Splunk Mobile - Dashboards (in 60s)

Splunk SOAR Feature Video: Custom Functions

Splunk SOAR Feature Video: Contextual Action Launch

Splunk SOAR Feature Video: Investigation Command Line

Splunk SOAR Feature Video: Create a Manual Event

Splunk SOAR Feature Video: Configure Third Party Tools

Splunk SOAR Feature Video: Install/Update Apps

Monthly Archive

Follow Us