Warning

This app is archived. App archiving documentation

ThreatHunting app icon

ThreatHunting

This is a Splunk application containing several hunting dashboards and over 120 reports that will facilitate initial hunting indicators to investigate.

Built by
splunk product badge
screenshot
screenshot
screenshot
screenshot
screenshot
Latest Version 1.5.1
November 12, 2022
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
Rating

5

(13)

Log in to rate this app
Support
ThreatHunting support icon
Not Supported
This is a Splunk application containing several hunting dashboards and over 120 reports that will facilitate initial hunting indicators to investigate. You obviously need to be ingesting Sysmon data into Splunk, a good configuration can be found in the details Required actions after deployment: Make sure the threathunting index is present on your indexers Edit the macro's to suit your environment Install the required addons Install the lookup csv's or create them yourself, empty csv's are here > https://github.com/olafhartong/ThreatHunting/raw/master/files/ThreatHunting.tar.gz More documentation is available at > https://github.com/olafhartong/threathunting/wiki This app is maintained on GitHub > https://github.com/olafhartong/threathunting

Categories

Security, Fraud & Compliance

Created By

Olaf Hartong

Type

app

Downloads

14,830

Featured in Collection

Getting Started with Security

Licensing

MIT(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing