Tag: Splunk
Splunk. How to make color table rows based on conditions.
  • November 17, 2017

In the previous article I have demonstrated how to create a simple dashboard that monitors accessibility of sources in Splunk. Today I want to demonstrate you how to make any table in the dashboard more obvious and convenient. Let’s look at my last article and continue to improve the functionality of the table that I […]

Read More
Creating a simple dashboard that monitors accessibility of sources in Splunk
  • November 10, 2017

In the previous article, we have examined using depends panel for creating convenient visualizations in dashboards. If you missed it, follow the link: https://socprime.com/blog/using-depends-panels-in-splunk-for-creating-convenient-drilldowns/ Many people who begin to study Splunk have questions about monitoring the availability of incoming data: when the last time the data came from a particular source, when the data ceased […]

Read More
Using depends panels in Splunk for creating convenient drilldowns
  • October 30, 2017

In the previous article, we have examined simple integration with external web resources using drilldowns. If you missed it, follow the link: https://socprime.com/en/blog/simple-virus-total-integration-with-splunk-dashboards/ Today we will get acquainted with one more interesting variant of drilldowns in Splunk: using depends panels. Depends panels in Splunk: an interesting way to use drilldowns in dashboards Very often there is […]

Read More
Simple Virus Total integration with Splunk dashboards
  • October 16, 2017

Simple integration helps search for malicious processes Greetings Everyone! Let’s continue to turn Splunk into a multipurpose tool that can quickly detect any threat. My last article described how to create correlation events using Alerts. Now I’ll tell you how to make a simple integration with Virus Total base. Many of us use Sysmon in […]

Read More
Creating Correlation Events in Splunk using Alerts
  • August 07, 2017

Many SIEM users ask a question: How do Splunk and HPE ArcSight SIEM tools differ? ArcSight users are confident that correlation events in ArcSight are a weighty argument in favor in using this SIEM because Splunk does not have the same events. Let’s destroy this myth. Splunk has many options to correlate events. So in […]

Read More
Simple correlation scenario for Splunk using lookup tables
  • July 25, 2017

Events correlation plays an important role in the incident detection and allows us to focus on the events that really matter to the business services or IT/security processes.

Read More
International conference on cyber security “Cyber For All”
  • December 02, 2016

24.11.2016 SOC Prime, Inc hosted the first international conference on cyber security “Cyber For All” in Kyiv, Ukraine. SOC Prime staff and business partners made presentations and several customers shared their real success stories of their usage of SOC Prime products. Conference was attended mainly by representatives of the telecom and finance business community of Ukraine. Kyiv […]

Read More

This site uses cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties. Cookie Policy. Details

Refuse Cookies Accept Cookies

You previously chose to disable cookies. This site uses cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties. Cookie Policy. Details

Details Accept Cookies