Splunk code (SPL) useful for serious threat hunters.
hunt-queries Update Detecting_Similarity.md Mar 21, 2018
.gitignore First commit Jun 22, 2017
README.md Update README.md Jun 22, 2017
spl_tips_tricks.md Update spl_tips_tricks.md Nov 30, 2017

threathunting-spl

This is a repository to store Splunk code (SPL) and prototypes useful for building rules (correlation searches) and queries to find and hunt for malicious activity.

About

Feel free to contribute and share your feedback if you find it useful. For more Splunk (and security) related material, also check the following: