-
User reported:
I recognized an unexpected red status for a data source in TrackMe v2.
The dc host value is defined as 22 and alerted. I cross checked the data with different time spans and saw the…
-
Hi Remi,
A colleague reported running into issues retrieving MISP IOCs after migrating from misp42splunk 2.2.4 to 3. He's using Splunk Enterprise security 5.2.2. He noted the previous configuration…
-
- Research (slides): [Hunting Lateral Movement in Windows Infrastructure](https://drive.google.com/file/d/1lKya3_mLnR3UQuCoiYruO3qgu052_iS_/view?usp=sharing)
- Author: Teymur Kheirkhabarov, [@Heirhab…
-
Hi @LetMeR00t
I am having trouble identifying the issue. I have verified that the network connection from the Splunk search head cluster to TheHive instance over HTTPS is working properly. The Splunk…
-
hello,
(very nice addon :) )
quick question what is the default behaviour on 5xx errors?
from a glance at https://github.com/Stjubit/TA-alert_forwarder/blob/master/TA-alert_forwarder/bin/ta_…
-
**Is your feature request related to a problem? Please describe.**
Windows logs are stored in Event Log (`.evtx` files), which is currently not possible to scrape via currently available promtail met…
-
### Description
In a Windows Server Environment it seems to be impossible to pull images.
I have installed DockerCE as explained here https://learn.microsoft.com/en-us/virtualization/windowsconta…
-
https://cloud.cms.gov/splunkoncall
### This task is done when...
- [x] Research Splunk On-call
- [x] Research current On-call process/effectiveness
- [x] Determine if we need/want Splunk On-call
-
Same as Issue #56
I'm getting the same issue, going through the build a few times. I can manually search the data and it's coming in from GHES, but the dashboard has none of the data. I have verifi…
-
## Service name
Security Hub Alarms:
## Problem description
Following a firebreak research ticket re Security Hub Alarms - demo, it was decided that more research as to which alerts we act…