Hello Team,
It would be great to know how I can capture the following alerts in Splunk.
1) TCP Connect Request
2) TCP Disconnect Request
3) TCP Connect Confirm
4) TCP Disconnect Confirm
I need to sniff the local network and capture these in Splunk.
Please direct us to the appropriate portal/page.
Regards,
Ravi.