I am fairly certain that Splunk is the worst piece of shit software I have ever had to endure in any job.
Splunk patched the CSRF bug (and a gazillion others I didn't find)! I guess I get to stop adding it to reports ...
@fistfulofdave that was my follow-up argument. When I’m using #Splunk to report on stuff I can eyeball the results from a first pass at writing a query, then debug and finesse it. With an #AI / #LLM you’re putting complete trust in its output, you can’t ask to “see its working”, as it were.
What does not work and takes +5h?
This: `splunk fsck repair --all-buckets-all-indexes`
What does work and takes a few seconds?
That: `zfs rollback -r flash/vm/rocky8-splunk@H-2025-01-30_14.00.01--48h`
Do I know anyone who works for/on #splunk ?
I'm evaluating its #accessibility for #screenReader users v8.26 for the #tryHackMe #AdventOfCyber challenges and let's just say I have some feedback to share. I can absolutely see that work has been done but I think an expert review is sorely needed :) Who do I talk to about that? #infoSec #cybersecurity
Hey fellow #OpenSearch fans. I'm curious if there's a way to do #Splunk syntax type searches? I came to OpenSearch from solr, graylog, and ELK, so I'm generally content with Lucene syntax, but overcoming the muscle memory has been more challenging for some coworkers that are used to Splunk. I would love to see OpenSearch become more of the go-to over Splunk and this capability would go a long way to making that happen.
JOB ALERT
My team (#Splunk #SURGe) is looking for a mid- or senior-level researcher. The job involves participating in and leading research teams, then publishing and speaking about what you learn for the benefit of the #cybersecurity community. We are a small team, but very supportive of each other and extremely collaborative. If this sounds like you, apply today!
The Top Cyber Threats for 2024/25
YouTube video: https://youtu.be/A4hHWDcPHqE
#SponsoredbyCisco #ai #artificalintelligence #Quantum #cisco #firewall #vpn #hash #encryption #theats #ransomware #hack #hacking #cybersecuity #splunk Cisco Splunk
Hey, I just tested an instance of Splunk and I didn't find this! How did I miss...
"According to Splunk, only instances running on Windows machines are affected by this vulnerability."
Oh. Never mind.
https://www.securityweek.com/splunk-enterprise-update-patches-remote-code-execution-vulnerabilities/
Cisco Talos Incident Response is now available to all #Splunk customers! Learn how Talos IR can help you assess, strengthen and evolve your cybersecurity program and make sure your systems are resilient against the worst-case scenarios http://cs.co/6017YdCpd
DB-Engines Ranking climbers of the month:
Hello Mastodon!
I'm Steven Butterworth, aka UKITGURU. I specialise in InfoSec and SIEM technologies (Splunk, Sentinel, Elastic). As a freelancer, I create and deliver SIEM content, working with gov departments and private sectors. Passionate about Data Science, Data Engineering, and data literacy. Avid triathlon enthusiast—never enough bikes!
Looking forward to connecting!
#InfoSec
#SIEM
#Splunk
#Sentinel
#DataScience
#Triathlon
#Cycling
Got to bring my father into one of the larger caves - a new experience for him.
Today I learnt MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 encapsulates LDAP Authentication on Windows Domain controllers where a request is made by LDAP(S).
This is after I have spent years following and trusting most of the advice online that it’s an artifact of NTLM authentication and the local security authority (LSA). For the better part of a decade I had assumed these were being generated by legacy Windows devices using NTLM, but never working out why there were so many of them.
It all makes sense now! And now at least I have a better understanding of some of the events I am looking at!
I am not a #DataScience person, so I need the wisdom of the #LazyWeb to help me out, please.
(I’m running queries on #Splunk, but I don’t think this question applies to Splunk only.)
I have a report running hourly to calculate metrics and store these to a separate index (in Splunk terms, a “summary metrics index”), for faster querying later. It's a data roll-up. (1/4)