Webinar - Suricata and Splunk: Tap into the Power of Suricata with the new Splunk App

  • Published: Dec 13, 2020
  • Enterprises deploying multiple Suricata sensors need a way to consolidate the logs, events and alerts from those sensors into a “single pane of glass” to efficiently correlate, analyze, search, and gain insights into their overall enterprise network security posture.
    Recently, Stamus Networks announced the general availability of its application for Splunk which supports both Suricata sensors and Scirius Security Platform. The app is open source, free, and currently available for download on Splunkbase.
    Suricata is recognized as the de facto standard network intrusion detection system (IDS), but it is less well-known for its network security monitoring (NSM) capabilities - which can rival those of other dedicated NSM software. This webinar will highlight both dimensions by demonstrating advanced analytics and anomaly detection from the IDS side and will use Splunk search and dashboards to demonstrate the NSM side which can provide deep insight into your network activity.
    What you can expect:
    - Learn the basic capabilities of the Splunk App
    - Explore the benefits of the app through several real-world use cases
    - Gain a greater understanding of both the IDS and NSM capabilities of Suricata
    - Understand the importance of Splunk’s Common Information Model
    - Learn where you can find additional information
    Who should attend:
    - Threat hunters, incident responders and other security practitioners who use Splunk
    - Current Suricata and Splunk users who wish to learn the value of the dedicated app
    - Suricata users who are considering Splunk in their enterprise
    - Enterprise Splunk users considering deploying Suricata in their network
    The App provides a powerful set of dashboards and query capabilities. These dashboards include one specifically designed to assist Zeek users in becoming familiar with the advanced Suricata network security monitoring features such as TLS information from SMB or Kerberos activity, HTTP hosts and many other protocol transactions.
    Speaker: Éric Leblond
    CTO of Stamus Networks, OISF Executive Council Member, and Suricata Senior Developer
    Éric is the Chief Technology Officer of Stamus Networks, and the lead developer of the Stamus Networks App for Splunk. He has more than 15 years of experience as co-founder and CTO of cybersecurity software companies and is an active member of the security and open source communities. Since 2009, he has been one of the core developers of Suricata. He is also part of the OISF executive council and the Netfilter Core team for the Linux kernel's firewall layer.

Comments • 2

  • @faridabbasli1860 3 years ago

    Hello, thank you for the webinar. Can you show how to configure Splunk with Suricata SELKS?

  • @blodreina6148 2 years ago

    The one time I wished I knew French