Threat Hunting with Splunk

The basics of threat hunting utilizing Splunk


Last updated 2 years ago

Introduction

Splunk is an expansive tool, and many articles and videos already cover the basics of threat hunting with it. Below is a list of links to external resources. The first, Splunk Fundamentals, is one I consider a prerequisite for every new cyber analyst.

Splunk Fundamentals 1, 2 & 3 | Splunk
Splunk Fundamentals
Hunting with Splunk: The Basics | Splunk Blogs
Threat hunting with Splunk