Resources
- If you're unfamiliar with using Splunk, here is a video playlist that covers some of the fundamentals.
NOTE: Alerting is not available with the free license. - Also, Splunk has a pretty well written knowledge base and they also have a community forum like this one with some really helpful folks.
- The field extractions are written with regular expressions. If you'd like to try your hand, the regex101 site is pretty handy for testing and helping figure out what you did wrong
.
