

This use case is from the Splunk Security Essentials app. Check it out for more examples and demo data for this type of use case. It’s important to include a search for brute force activity in Windows Security logs as a component of any security strategy.

Discovering real credentials is a key component for any attacker. A time-honored way to find weak passwords is to try hundreds of common passwords. This is effective because most environments use Active Directory as a central storage repository for credentials.

For more information on this and other examples, download the free Splunk Security Essentials app on Splunkbase. Read more about example use cases in the Splunk Platform Use Cases manual. The Splunk Product Best Practices team helped produce this response.
