Hi everyone,
Preparing for my master's thesis, my supervisor at the university suggested creating an app that produces fake alerts with suspicious log files in Splunk to maintain admins' attention on security issues, like at airport security, where fake guns and knives are regularly displayed on the scanner to catch the guards' attention.
However, after some research I get the feeling most admins have the opposite issue: having too many false alerts. As I have no experience with Splunk in a security context, I am looking for some opinions on that. Can someone give me some insights?
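One way to sketch the drill generator the post describes, as an added example that is not code from the original post or from any Splunk app: it builds a constructed burst of failed-login events in key=value form, embeds an opaque per-drill marker (an HMAC over a drill id under a secret only the drill app holds) as the session id so the app can recognise its own events later without printing a human-readable "this is a test" field, and scores whether the on-duty admin acknowledged the drill before a deadline. The field names, the marker scheme, the secret and the deadline are all assumptions; how the events reach Splunk (HEC, a monitored file, etc.) is left out.

```python
"""
Added example, not from the original post: generate tagged drill events,
separate them from real events, and score the response time.
"""
import hashlib
import hmac
import random
from datetime import datetime, timedelta, timezone

# Assumption: a secret known only to the drill app. It lets the app recognise
# its own events later without exposing a visible "this is a drill" field.
DRILL_SECRET = b"drill-app-secret-change-me"


def drill_marker(drill_id: str) -> str:
    """Opaque per-drill value used as the session id of every drill event."""
    return hmac.new(DRILL_SECRET, drill_id.encode(), hashlib.sha256).hexdigest()[:16]


def make_drill_events(drill_id, user, src_ip, count, start, seed=0):
    """Constructed sample: a brute-force-looking burst of failed logins."""
    rng = random.Random(seed)          # seeded so a drill is reproducible
    marker = drill_marker(drill_id)
    t = start
    events = []
    for _ in range(count):
        t += timedelta(seconds=rng.randint(1, 5))
        events.append(
            f"{t.isoformat()} action=failure user={user} src={src_ip} "
            f"reason=bad_password session={marker}"
        )
    return events


def is_drill_event(event: str, drill_id: str) -> bool:
    """True if the event carries this drill's marker in its session field."""
    field = "session="
    expected = drill_marker(drill_id).encode()
    for tok in event.split():
        if tok.startswith(field):
            return hmac.compare_digest(tok[len(field):].encode(), expected)
    return False


def split_events(events, drill_id):
    """Keep drill events out of the real alert metrics (the false-positive
    worry from the post): return (real_events, drill_events)."""
    real = [e for e in events if not is_drill_event(e, drill_id)]
    drill = [e for e in events if is_drill_event(e, drill_id)]
    return real, drill


def score_drill(first_event_time, acknowledged_at, deadline_minutes=30):
    """Return (detected_in_time, minutes_to_ack); None minutes if never acked.
    A missed drill is a measurement of attention, not a reason to add more
    noise: the deadline is an assumed value."""
    if acknowledged_at is None:
        return False, None
    minutes = (acknowledged_at - first_event_time).total_seconds() / 60
    return minutes <= deadline_minutes, minutes


if __name__ == "__main__":
    start = datetime(2024, 1, 1, 8, 0, tzinfo=timezone.utc)
    drill = make_drill_events("drill-001", "svc_backup", "10.0.0.5", 20, start)
    for line in drill[:3]:
        print(line)
    print(score_drill(start, start + timedelta(minutes=12)))
```

The marker is the only thing that distinguishes a drill from a real event, so the secret must stay inside the drill app; anyone who can read it can filter drills out of their own view and defeat the exercise.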