- Videos 14
- Views 96,699
Splunk Talks
India
Joined 10 Feb 2012
Follow Splunk Talks to become Splunk Ninja
Detect AWS S3 Public Buckets using Splunk
This video demonstrates how to detect AWS S3 buckets that can be accessed by anyone on the internet.
0:12 prerequisites
0:20 AWS policy
1:59 Sample s3 bucket policies
2:45 detection logic
4:04 why to detect s3 buckets that are exposed to public
5:32 demo
Views: 1,013

Added example, not part of the channel's page or the video's own SPL search: the detection logic the video describes (a bucket whose policy grants access to an anonymous principal) applied in Python to bucket policy JSON, such as the document returned by `aws s3api get-bucket-policy`. The three policy documents below are constructed for the example. A statement is treated as public when its Effect is Allow and its Principal is `*` or `{"AWS": "*"}`; a wildcard statement that carries a Condition block is reported separately for review rather than flagged as public outright, since conditions such as a source VPC endpoint can scope it.

```python
"""Flag S3 bucket policy statements that grant access to anyone (added example)."""
import json

# Constructed sample policies, not taken from the video.
PUBLIC_READ = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "PublicRead",
    "Effect": "Allow",
    "Principal": "*",
    "Action": ["s3:GetObject"],
    "Resource": "arn:aws:s3:::example-bucket/*"
  }]
}"""

ACCOUNT_SCOPED = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "PartnerRead",
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-bucket/*"
  }]
}"""

VPC_SCOPED = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "VpcOnly",
    "Effect": "Allow",
    "Principal": {"AWS": ["*"]},
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
    "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-0123456789abcdef0"}}
  }]
}"""


def _as_list(value):
    """Policy JSON allows a string or a list in most positions; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _principal_is_wildcard(principal):
    """True for the anonymous principal forms "*" and {"AWS": "*"} / {"AWS": ["*", ...]}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def wildcard_statements(policy):
    """Return every Allow statement with a wildcard principal, noting whether a
    Condition block limits it. The policy may be a JSON string or a parsed dict."""
    if isinstance(policy, str):
        policy = json.loads(policy)
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if not _principal_is_wildcard(stmt.get("Principal")):
            continue
        findings.append({
            "sid": stmt.get("Sid", ""),
            "actions": _as_list(stmt.get("Action", [])),
            "resources": _as_list(stmt.get("Resource", [])),
            "conditioned": "Condition" in stmt,
        })
    return findings


def is_public(policy):
    """A bucket is public when at least one wildcard Allow statement has no Condition."""
    return any(not f["conditioned"] for f in wildcard_statements(policy))


if __name__ == "__main__":
    for name, doc in (("PUBLIC_READ", PUBLIC_READ),
                      ("ACCOUNT_SCOPED", ACCOUNT_SCOPED),
                      ("VPC_SCOPED", VPC_SCOPED)):
        print(name, "public" if is_public(doc) else "not public", wildcard_statements(doc))
```

Run the file directly to print a verdict for each sample policy. The VPC_SCOPED case is deliberately reported as a conditioned wildcard rather than as public: that is the statement an analyst still wants to eyeball, because a weak or mistyped condition key would make it public.
<test>
assert is_public(PUBLIC_READ)
assert wildcard_statements(PUBLIC_READ) == [{"sid": "PublicRead", "actions": ["s3:GetObject"], "resources": ["arn:aws:s3:::example-bucket/*"], "conditioned": False}]
assert not is_public(ACCOUNT_SCOPED)
assert wildcard_statements(ACCOUNT_SCOPED) == []
assert not is_public(VPC_SCOPED)
assert len(wildcard_statements(VPC_SCOPED)) == 1
assert wildcard_statements(VPC_SCOPED)[0]["conditioned"] is True
assert wildcard_statements(VPC_SCOPED)[0]["actions"] == ["s3:GetObject", "s3:ListBucket"]
assert is_public({"Statement": {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "s3:*", "Resource": "*"}})
assert not is_public({"Statement": {"Effect": "Deny", "Principal": "*", "Action": "s3:*", "Resource": "*"}})
</test>

Videos
Splunk - Alert Action - Upload Search Results to AWS S3
Views 1.2K · 2 years ago
Demonstrates how to use the alert action "Upload Search Results to AWS S3": splunkbase.splunk.com/app/5273/
Splunk Enterprise installation on MacBook M1 Chip/Processor
Views 4K · 2 years ago
This video demonstrates different ways of installing Splunk Enterprise on a MacBook Air or Pro with the M1 chip. Splunk Enterprise installation: splunk.com. Splunk Enterprise installation on macOS: docs.splunk.com/Documentation/Splunk/latest/Installation/InstallonMacOS. If you see the error "zsh: bad CPU type in executable: /opt/splunk/bin/splunk" while starting the Splunk service, then run below...
splunk if else with more examples
Views 1.9K · 3 years ago
This video is about how to use the if function in different scenarios, with four examples using different functions. 0:14 How to use the match function inside if with the eval command (match function with regex) 5:31 How to use the Boolean expressions AND and OR in the if function with the eval command 7:57 How to use informational functions such as isnotnull and isnull in the if function with eval...
Splunk eval if else
Views 7K · 3 years ago
This video is about how to use the if-else conditional statement in the Splunk eval command.
Splunk & ServiceNow Integration Best Practices 2020
Views 3.1K · 4 years ago
1. Best practices in setting up the ServiceNow add-on. 2. How to avoid common mistakes while creating a new index. Splunk index configuration calculator: splunk-index.uc.r.appspot.com/
Splunk UseCase | Splunk Alert | Splunk Detect Brute force
Views 11K · 4 years ago
Splunk UseCase | Splunk Alert | Splunk Detect Brute force. Explains how to detect a successful brute-force login. Unlike counting an excessive number of failed logins plus at least one successful login, this detects a successful authentication that follows n consecutive failed logins. Sample events used in the video: github.com/splunkps/others/blob/4ca103e272e9b1896c380dbd545f167be5ed8ced/brute-force-sample.csv
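Added example, not the video's own SPL search: the streak-based detection the description contrasts with simple counting, written in Python over a constructed CSV whose columns (_time, user, src, action) are an assumption modelled on, not copied from, the sample file linked above. A finding is raised only when a success for the same user and source arrives while the run of consecutive failures is at least n; any success resets the run. The naive rule ("n or more failures and at least one success in the window") is implemented alongside it to show which user it over-reports.

```python
"""Detect a successful login that follows n consecutive failures (added example)."""
import csv
import io
from collections import defaultdict

# Constructed sample events (not the channel's brute-force-sample.csv).
# alice: 5 failures then a success   -> brute force that eventually worked
# bob:   2 failures, success, 2 failures, success -> habitual typos, 4 failures in total
# carol: 6 failures and no success   -> attack still in progress, nothing to alert on yet
SAMPLE_EVENTS = """\
_time,user,src,action
2020-06-01T10:00:00,alice,10.0.0.5,failure
2020-06-01T10:00:05,alice,10.0.0.5,failure
2020-06-01T10:00:09,alice,10.0.0.5,failure
2020-06-01T10:00:14,alice,10.0.0.5,failure
2020-06-01T10:00:20,alice,10.0.0.5,failure
2020-06-01T10:00:25,alice,10.0.0.5,success
2020-06-01T10:01:00,bob,10.0.0.9,failure
2020-06-01T10:01:10,bob,10.0.0.9,failure
2020-06-01T10:01:20,bob,10.0.0.9,success
2020-06-01T11:30:00,bob,10.0.0.9,failure
2020-06-01T11:30:10,bob,10.0.0.9,failure
2020-06-01T11:30:20,bob,10.0.0.9,success
2020-06-01T12:00:00,carol,10.0.0.7,failure
2020-06-01T12:00:03,carol,10.0.0.7,failure
2020-06-01T12:00:06,carol,10.0.0.7,failure
2020-06-01T12:00:09,carol,10.0.0.7,failure
2020-06-01T12:00:12,carol,10.0.0.7,failure
2020-06-01T12:00:15,carol,10.0.0.7,failure
"""


def parse_events(text):
    """Parse the CSV and sort by _time; ISO-8601 timestamps sort correctly as strings."""
    rows = list(csv.DictReader(io.StringIO(text)))
    rows.sort(key=lambda r: r["_time"])
    return rows


def detect_success_after_streak(text, n):
    """Report each success that was immediately preceded by >= n consecutive failures
    from the same (user, src). This mirrors a streamstats-style running count in SPL."""
    streak = defaultdict(int)
    findings = []
    for ev in parse_events(text):
        key = (ev["user"], ev["src"])
        if ev["action"] == "failure":
            streak[key] += 1
        elif ev["action"] == "success":
            if streak[key] >= n:
                findings.append({
                    "user": ev["user"],
                    "src": ev["src"],
                    "failed_streak": streak[key],
                    "success_time": ev["_time"],
                })
            streak[key] = 0  # a success ends the run, whatever its length
    return findings


def naive_detect(text, n):
    """The counting rule the video contrasts with: >= n failures in total and >= 1 success,
    per user. It cannot tell a burst of failures from failures spread across the day."""
    fails = defaultdict(int)
    successes = defaultdict(int)
    for ev in parse_events(text):
        if ev["action"] == "failure":
            fails[ev["user"]] += 1
        elif ev["action"] == "success":
            successes[ev["user"]] += 1
    return sorted(u for u in fails if fails[u] >= n and successes[u] >= 1)


if __name__ == "__main__":
    print("streak rule:", detect_success_after_streak(SAMPLE_EVENTS, 4))
    print("naive rule: ", naive_detect(SAMPLE_EVENTS, 4))
```

With n = 4 the streak rule flags only alice; the naive rule also flags bob, whose four failures never formed a run, and neither flags carol because no success has occurred yet. Keying the streak on (user, src) rather than user alone avoids one legitimate login from a different host resetting the count for an attacker's source.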
Splunk Commands | Splunk stats | Splunk eventstats
Views 14K · 4 years ago
This video is all about the functions of stats and eventstats. It explains the most commonly used functions with real-time examples so that everyone can understand them easily. Splunk stats doc: docs.splunk.com/Documentation/Splunk/8.0.5/SearchReference/Stats. Splunk eventstats doc: docs.splunk.com/Documentation/Splunk/8.0.5/SearchReference/Eventstats. Splunk transforming commands doc: docs.splunk.com/Splexicon:Tr...
Splunk Components | universal forwarder | Heavy forwarder
Views 6K · 4 years ago
Describes:
0:06 Splunk software packages
0:30 Splunk Universal forwarder
1:42 Splunk event parsing
2:34 All the different Splunk Enterprise components, starting with the Heavy forwarder
3:41 Indexer
4:45 Search head
5:24 Cluster master
6:41 Deployer
6:59 Deployment server
8:09 License master
Splunk Fields | Knowledge objects | Splunk Field aliases | Splunk Calculated Fields
Views 5K · 4 years ago
Splunk Fields | Knowledge objects | Splunk Field aliases | Splunk Calculated Fields. Field alias properties 5:16 Why to create field aliases 5:53 How to create and use field aliases 6:44 How to create a field alias using Splunk Web 7:22 How to create a field alias using the CLI 9:34 How to manage field aliases 11:17 Why to create calculated fields 13:18 How to create calculated fields using Splunk Web...
Splunk knowledge objects | Splunk Lookups | Splunk Lookups Part 1
Views 6K · 4 years ago
Splunk knowledge objects | Splunk Lookups | Splunk Lookups Part 1. This video is about Splunk CSV and KV store lookups: pros and cons of CSV lookups, pros and cons of KV store lookups.
Splunk knowledge objects | Splunk Lookups | Splunk Lookups Part 2
Views 4.4K · 4 years ago
Splunk knowledge objects | Splunk Lookups | Splunk Lookups Part 2. This video is about: How to create CSV lookups 0:40 How to view lookup data in search 3:49 How to do lookups for event data 5:03 How to define CSV lookups 7:53 How to do case-sensitive and case-insensitive lookups in search 9:22 How to do wildcard matching 11:04 How to do CIDR matching 14:26 How to define KV store lookups 16:22 How to mi...
Regular Expressions in Splunk | Splunk Fields | Splunk Field Extractions
Views 31K · 4 years ago
Regular Expressions in Splunk | Splunk Fields | Splunk Field Extractions. The video shows how to extract fields using regular expressions in Splunk. regex101.com was used to demonstrate the regular expressions.
nice
If it shows "zsh: bad CPU type in executable: /Applications/splunk/bin/splunk" then try to install "rosetta" -> this helps Intel apps work with ARM-based systems like M1, 2, 3, 4 (developed by Apple). Command to install: "softwareupdate --install-rosetta". If you want to remove Rosetta after use, the command to uninstall is: "sudo /usr/sbin/softwareupdate --remove-rosetta"
In the terminal it shows "failed to open". Can you clarify it?
Thanks for posting this. Searching for this exact one.
Fantastic tutorial! Thank you!
If you found the error "zsh: bad CPU type in executable: /opt/splunk/bin/splunk" while starting the Splunk service, then run the command below, and once it installs successfully you can rerun /opt/splunk/bin/splunk start --accept-license. /usr/sbin/softwareupdate --install-rosetta --agree-to-license medium.com/@jithmisha/fix-for-macbook-air-m1-m2-bad-cpu-type-in-executable-error-3719a0a1cb6
Are "Splunk Calculated Fields" better than SPL performance-wise? i.e. | eval plannedStartStrp = strptime(plannedStart, "%Y-%m-%d %H:%M:%S")
Kindly share your contact details
Kindly let us know how we can connect with you
Please share the GitHub link of the code you have used; it will be helpful.
Thanks for detailed explanation
I'm looking for a complete Splunk class from basic to administrative. Could you please share your number so that I can speak over a call?
Thank you so much for the video
very nicely explained...thank you
Do you know if Splunk can be installed using Parallels on Mac M1? I've been considering a Mac Pro and wanted to add Parallels for virtualization so that I can create multiple OS forwarding data, with a separate search head and indexer. How resource intensive is Splunk on the M1?
Best tutorial to start rex learning
Looking for a demonstrative explanation for months, this is the best, thanks sir!
Excellent bro
Excellent explanation bro
Hi, I have a doubt: if one rex command matches two or more XML tags, then how do I take the second highlighted value?
Great lessons. Can you please reach out to me? Willing to learn more.
t.balaji2k12@gmail.com
Great video.. please make more on regex in Kibana too
Very helpful. Best tut on the internet.
Hi Balu, I have a doubt and need help in writing the regular expression. Could you please help me?
Can you please help me?
Very useful information, brother. In the end you used the fields command; however, we can also use the table command, right? In which scenario do we have to use the fields command and the table command? Please clarify.
Please can I get your email address? or mobile?
How to change the color if two fields' counts are not matching?
Good one 👏🏻 I need to see how we can detect AWS key custodian users who create the KMS keys in Splunk. Does CloudTrail contain that data?
Well explained. thanks a lot
Great Video
Thanks for this, it helped me a lot!
Please do many other videos on splunk with real time example sir
Nice 👍 one
good job thank you
I'm trying to find a solution for matching using regex for last 2 days. Finally your video really helped me. Thank You!!
Very nice contents, thanks
Excellent
Your code is not running, and also you should have informed us about the file uploading process before starting this video.
Bravo, well done
Hi Sandip, I have a question regarding the chart command. I am trying to execute a Splunk search command that shows both the count and the percentage of the count in one chart command. Here is an example of the Splunk command that currently only shows the count and the total count: source="xyz" http_status_code | chart count by path_template, http_status_code | addtotals col=t This command shows each count of the http_status_code (y axis) and the path_template (x axis), and shows the total of the counts of all the http_status_code. Now I need to add the percentage (count/total) of each count when I know the number of counts, e.g. 40 (5%) or something like that. How would I do that using chart? Thanks!
Good video bro
Best ever video for Regex
Nice explanation
Superb video. Very nicely explained along with examples 🙂
Hello, what is the difference between the tgz and dmg files?
apple.stackexchange.com/questions/252421/what-are-the-benefits-of-distributing-applications-via-dmg
Hello, can you share the log file?
Hi, I found the file. Please download it from github.com/splunkps/others/blob/4ca103e272e9b1896c380dbd545f167be5ed8ced/brute-force-sample.csv
Thank you! Very helpful 👌
Excellent - coverage & explanation ---- Pls carry on doing these ...!
I am currently working on regex; this video is very helpful. Let me know your LinkedIn profile.
www.linkedin.com/in/balu6645
Awesome and clear explanation about regular expressions.