Let’s Build A Dashboard!
Introduction One of the most powerful things to do with data is to visualize it. Being able to see the data in various contexts can help executives and security professionals alike understand their cyber environment better and identify their strengths and weaknesses. Dashboards in Splunk are fairly easy to make ... Read More
Oh No! My JSON Keys and Values are Separated! How Can I Extract Them For My Searches?
Splunk parses pure JSON logs almost like magic. The format works really well for Splunk to automatically extract fields you would need in your searches. However, an issue arises when a JSON log separates the key and the value into two different key/value pairs where “key” and “value” become the ... Read More
