SPL
Count of Attackers on Juniper Devices
Description
The following is a Splunk search query that indicates potential “attacks” by source IP. Further investigation will be needed to determine accuracy of attacks.
3 8
sourcetype = "juniper:idp" attack* | stats count by src_ipCredit given to bbosearch.
Comments
0 total
Be the first to comment on this SPL.
Leave a comment
You must log in to post a comment.