IIS: 401 and 403 errors

IIS
Ronald (Access42)
You already voted!

Get an overview of 401 and 403 errors, an increase might be an IoC.

<code>index=* sourcetype="ms:iis:default" sc_status=401 OR sc_status=403 |table _time, sc_status, sc_substatus, uri_path | timechart count by sc_status</code>

Share This:

Tagged: Security

Leave A Comment? Click here to cancel reply.

Newest | Active

kbrown@splunk.com

Active 18 hours, 44 minutes ago
Dalysplunker

Active 4 days ago
cybershenanigans

Active 6 days, 18 hours ago
Salma

Active 1 week, 2 days ago
netmaster84

Active 2 weeks, 6 days ago