GitHub

Guscyrus-cyber/Splunk_SQL_Injection_lab

This lab focused on detecting, monitoring, analyzing, and investigating SQL injection attack activity using Splunk Enterprise within a simulated SOC environment. A custom web attack dataset containing ...
GitHub

aud_splunk_checkpoint_setup.sql

-- Usage.....: aud_splunk_checkpoint_setup.sql [SCHEMA] [SPLUNK_USER] [FALLBACK_DAYS] -- SCHEMA Schema owner for checkpoint table and procedure. -- Default: current ...
LinkedIn

Mental Transitions from SQL to Splunk: Office Buildings vs Public Libraries

I came to Splunk from the relational world last year (December 2016), and let me tell you, translating directly from SQL code to SPL will screw you up nearly every time. There are many things that are ...
LinkedIn

How to stop SQL Server attacks with Splunk

SQL Server: Not just a database. It's also a launchpad for attackers. Learn from the Splunk Threat Research Team how adversaries exploit built-in features for code execution and persistence — and, ...