Splunk Tutorials Archives | Hurricane Labs

Splunking with Sysmon Part 4: Detecting Trickbot

By Dusty Miller|2020-11-17T11:32:24-05:00November 12th, 2020|

Trickbot and Ryuk With the recent outbreak of Ryuk [...]

Using Splunk Streamstats to Calculate Alert Volume

By Josh Neubecker|2020-11-10T13:01:24-05:00November 10th, 2020|

Dynamic thresholding using standard deviation is a common method [...]

Splunking with Sysmon Part 3: Detecting PsExec in your Environment

By Dusty Miller|2020-11-12T13:20:35-05:00November 5th, 2020|

PsExec is another powerful tool created by Windows Sysinternal. [...]

Your Splunk Guide for Smooth Sailing with CEF Field Extractions

By Tom Kopchak|2020-11-17T10:43:43-05:00October 28th, 2020|

One of the more common log formats you’ll run [...]

A Design with Humans in Mind: Adding Automation and Color Coding to the IT Workflow

By Jeremy Nenadal|2020-10-27T14:14:03-04:00October 27th, 2020|

Workflow is an essential part of a daily routine, from [...]

Using Splunk Enterprise Security to Look for Zerologon Exploit Attempts

By Toby Deemer|2020-10-22T15:13:17-04:00October 22nd, 2020|

A while back, Zerologon came along and helped everyone [...]

Day in the Life of a Data Junkie

By Kyle Schmidt|2020-10-19T15:36:06-04:00October 19th, 2020|

As a Splunk administrator, I often find my first [...]

How Splunk Add-Ons Help You Stop Playing Hide and Seek with Your Logs

By Mark Mague|2020-10-14T11:10:03-04:00October 14th, 2020|

Do you like to play games? How about hide [...]

Splunking with Sysmon Series Part 2: Tuning

By Dusty Miller|2020-11-12T13:00:18-05:00October 13th, 2020|

This Splunk tutorial is a continuation of my previous [...]

Why Splunk: The Benefits of Better Logging

By Mark Mague|2020-10-06T14:45:30-04:00October 6th, 2020|

Almost all devices have logs. As you may already [...]