Showing posts tagged #splunk

Return Home

In this post, we'll cover some searches that will help us identify the infrastructure that the attackers are using. We'll do this by grouping the attackers together based on the commands they enter during each session. By doing this, we can assume that the attacking IP addresses are somehow used

Read More