Crowdstrike – Pfarrside

Crowdstrike- User Activity

Posted: February 06, 2022 Under: Crowdstrike By sqearl No Comments

This page contains XML used to create a Splunk dashboard for specific sourcetypes & use-cases. The dashboard contains dynamic and static input filters for relavant field/values and (typically) a visualization for each field. The visualizations are broken into statistical count and event count over time (where applicable). The final panel in each dashboard is an … Continue reading "Crowdstrike- User Activity"

Crowdstrike- Incident Summary

Posted: February 06, 2022 Under: Crowdstrike By sqearl No Comments

This page contains XML used to create a Splunk dashboard for specific sourcetypes & use-cases. The dashboard contains dynamic and static input filters for relavant field/values and (typically) a visualization for each field. The visualizations are broken into statistical count and event count over time (where applicable). The final panel in each dashboard is an … Continue reading "Crowdstrike- Incident Summary"

Crowdstrike- Firewall Match

Posted: February 06, 2022 Under: Crowdstrike By sqearl No Comments

This page contains XML used to create a Splunk dashboard for specific sourcetypes & use-cases. The dashboard contains dynamic and static input filters for relavant field/values and (typically) a visualization for each field. The visualizations are broken into statistical count and event count over time (where applicable). The final panel in each dashboard is an … Continue reading "Crowdstrike- Firewall Match"

Crowdstrike- Detection Summary

Posted: February 06, 2022 Under: Crowdstrike By sqearl No Comments

This page contains XML used to create a Splunk dashboard for specific sourcetypes & use-cases. The dashboard contains dynamic and static input filters for relavant field/values and (typically) a visualization for each field. The visualizations are broken into statistical count and event count over time (where applicable). The final panel in each dashboard is an … Continue reading "Crowdstrike- Detection Summary"

Crowdstrike- Authentication Activity

Posted: February 06, 2022 Under: Crowdstrike By sqearl No Comments

This page contains XML used to create a Splunk dashboard for specific sourcetypes & use-cases. The dashboard contains dynamic and static input filters for relavant field/values and (typically) a visualization for each field. The visualizations are broken into statistical count and event count over time (where applicable). The final panel in each dashboard is an … Continue reading "Crowdstrike- Authentication Activity"