Mark Runals' Blog
Some sort of Data/SIEM/InfoSec blog.
Monday, June 16, 2014
Events of Interest from a Splunk Admin perspective
As our deployment has grown from basically myself performing administrative duties to adding a second body as well as running into a couple ...
Monday, May 5, 2014
Splunk DateParserVerbose logs - Part 2
In part 1 of this subject we talked about what Splunk's DateParserVerbose internal logs are and I gave an example query that at its hea...
Wednesday, April 9, 2014
Detecting OpenSSL version data in Splunk
I won't go into the HeartBleed details as you likely already know them. From a Splunk perspective there are any number of ways to try to...
Sunday, April 6, 2014
Splunk, timestamps, and the DateParserVerbose internal logs - Part 1
Splunk is a pretty powerful piece of software. There are the obvious search and analytic capabilities it has, but there is some robustness und...
Saturday, February 22, 2014
Splunk - troubleshooting remote agents with the phonehome logs
An issue popped up the other day that was pretty interesting (from a Splunk admin perspective) so figured I would share. This will likely be...