Catching up with Splunk

Over the past six months I have done a couple of online courses covering Splunk, but mainly theory based, so today I am tacking some of the Splunk rooms on Try Hack Me.

This is exactly why I love THM so much, it gives you the opportunity to not just learn these key technologies but also to practise with them.

I also have my an install of Splunk running on an Azure VM for my Cyber Security Uni course. This screenshot is the search results showing the host name and the wildcard operator:

The power of the searches in Splunk is mind blowing. Let's dig in......