fthy · @fthy
17 followers · 111 posts · Server mastodon.green

advisory.splunk.com/
Splunk released new patches for the vulnerabilities SVD-2023-0801 to SVD-2023-0807 including an authenticated RCE via serialized session payload

#infosec #splunk

Last updated 1 year ago

patpro · @patpro
47 followers · 514 posts · Server mastodon.green

Seems like it’s no longer possible to retrieve an email / browse a mailbox from Time Machine… WHEN DID THAT HAPPEN?

FFS since yesterday it’s the 3rd time Apple’s Time Machine proved itself totally useless.

Lucky me, I can find in the time frame of a particular email, then to the server, locate and mount the correct , and finally through my Maildir to retrieve deleted messages.
Huge Apple!

#splunk #ssh #zfs #snapshot #grep #pita #timemachine #apple #wtf

Last updated 1 year ago

Advanced Persistent Teapot · @http_error_418
547 followers · 1589 posts · Server hachyderm.io

There should be a law against people adding data in to with bad timestamps

#splunk

Last updated 1 year ago

Brett Adams · @brett
15 followers · 28 posts · Server social.ba.id.au

Do you want @haveibeenpwned breaches for all your domains directly in Splunk? Now you can!

Introducing the Have I Been Pwned Domain Search app for Splunk.

splunkbase.splunk.com/app/6996

Very special thanks to @troyhunt for his work on HIBP, releasing the Domain Search API last weekend, and collaborating with me on some additional endpoints and rate limiting.

troyhunt.com/all-new-have-i-be

#hibp #splunk

Last updated 1 year ago

Peter Czanik · @PCzanik
299 followers · 538 posts · Server fosstodon.org

Recently I was asked if rules are supported by :

github.com/SigmaHQ/sigma

syslog-ng has message parsing, filtering, can be used for alerting. But I'm not aware of a tool turning Sigma rules into PatternDB and syslog-ng.conf

Syslog-ng can send logs to , stack, @OpenSearchProj, @Graylog, all which already have rules integrations.

Of course many users use/abuse syslog-ng as a kind of -lite.

If you already use syslog-ng with rules: let me know!

#sigma #syslog_ng #splunk #elastic #siem

Last updated 1 year ago

AndiMann · @AndiMann
399 followers · 1425 posts · Server masto.ai

"@Splunk unveils to ease and through "

Seems like a grab bag of 'capabilities', not products.

And a weird flex to suggest users need AI just to write queries. 🤔

I expected more from an pioneer.

venturebeat.com/ai/splunk-unve

#splunk #ai #security #observability #generativeai #aiops

Last updated 1 year ago

fthy · @fthy
13 followers · 91 posts · Server mastodon.green

advisory.splunk.com/advisories And the same vulnerability for Splunk Enterprise (updated advisory with additional patches)

#infosec #splunk #vulnerability

Last updated 1 year ago

fthy · @fthy
13 followers · 90 posts · Server mastodon.green

advisory.splunk.com/advisories Unauthenticated Log Injection In Splunk SOAR Vulnerability CVE-2023-3997

#infosec #splunk #vulnerability

Last updated 1 year ago

dlundh · @dlundh
351 followers · 3742 posts · Server social.horrorhub.club

First day on the job after vacation. Deep dove into logs to check for MobileIron attacks. Good times.

#splunk

Last updated 1 year ago

Chris Glaister 🇮🇲 · @glaist
225 followers · 1081 posts · Server mstdn.im

I haven't mentioned it before but I'd just like to take a moment to express how unfunny marketing materials are. In fact the name Splunk... Yeah.

#splunk

Last updated 1 year ago

pyjack · @pyjack
60 followers · 85 posts · Server hachyderm.io

I think my favourite thing coming out of at is that the collector is going to be available as a TA for UFs meaning existing customers don't need to install a separate agent to start getting value from tools.

#splunk #conf23 #opentelemetry #observability

Last updated 1 year ago

AndiMann · @AndiMann
389 followers · 1320 posts · Server masto.ai

And a final announcement from @splunk for the new . Light on details but appears to be a assistant for (among other things??) writing SPL. Useful. Could be exciting. Need more details on this one for sure!!

#ceo #splunk #ai #genai #splunkconf23

Last updated 1 year ago


AndiMann · @AndiMann
388 followers · 1314 posts · Server masto.ai

Success is a problem. is coming at it from 3 vectors

#digital #visibility #splunk #splunkconf23

Last updated 1 year ago

Brett Adams · @brett
4 followers · 16 posts · Server social.ba.id.au

Yesterday I migrated over 350 Modular Inputs from one stack to another in an afternoon. My goal is to do entire Splunk Cloud Migrations in 1 business day.

#splunk

Last updated 1 year ago

Advanced Persistent Teapot · @http_error_418
487 followers · 1091 posts · Server hachyderm.io

Sometimes you know exactly the visualisation you want but can't find the app to do it for you... but sometimes it lands in your lap

😍 apps.splunk.com/app/4370/

#splunk

Last updated 1 year ago

Advanced Persistent Teapot · @http_error_418
473 followers · 962 posts · Server hachyderm.io

Recent Google bullshit: they seem to have de-indexed the search reference - in fact, most searches for a term that's in the docs don't come up with the docs link on the first - or even second - page of results. The community forums come up a lot but I just want to get to the documentation, the absolute authoritative source for every command and config item. In a sane search engine, it would be the first result every time.

Another example for @pluralistic

#splunk #enshittification

Last updated 1 year ago

Brett Adams · @brett
3 followers · 9 posts · Server social.ba.id.au

#splunk

Last updated 1 year ago