Collection of Dashboards for Threat Hunting and more!
Be sure to star and follow this project if you like it. Doing so lets me know which of my works people enjoy the most so development can be prioritized.
When I started teaching myself Splunk and saw that you could create dashboards, I quickly became addicted and started building out as many ideas as I possibly could. The goal is to figure out how to package these into an app that can be quickly deployed and configured to any Splunk instance.
The other part that inspired this was to build out a Threat Hunting environment for trying to detect attacks and also learning how to not get noticed when doing red team engagements.
Be sure to drop ideas and improvements! I'm still learning and would enjoy others' viewpoints!
TODO: Update to use the new Linux history TA to get src_ip
TODO: Still under development and needs to be updated to pull from new sources
TODO: Add the ability to exclude in filter
TODO: Needs HOST input added for host control
TODO: Need threatintel list for reference
TODO: Need threatintel list for reference
TODO: Needs host control