Elasticsearch: Cluster Status is RED
It happens very rarely, but sometimes your cluster gets red status. Red status means that not only has the primary…
Threats
Search and Replace Text in SPL Fields with rex
Sometimes when working with fields in SPL, it can be useful to search for and replace parts of text found…
CVE-2024-49112 Detection: Zero-Click PoC Exploit for a Critical LDAP RCE Vulnerability Can Crush Unpatched Windows Servers
In 2024, vulnerability exploitation accounted for 14% of breach entry points, marking a nearly threefold increase from the previous year—a…
rare Сommand in Splunk
The rare command in Splunk helps you find the least common values in a specific field of your data. This…
coalesce Function in Splunk
The Splunk coalesce function returns the first non-null value among its arguments. It’s useful for normalizing data from different sources…
Strela Stealer Attack Detection: New Malware Variant Now Targets Ukraine Alongside Spain, Italy, and Germany
Security experts have uncovered a novel Strela Stealer campaign, which leverages a new iteration of email credential-stealing malware. In this…
Reducing Kafka Lag: Optimizing Kafka Performance
Apache Kafka is a powerful distributed messaging system, but like any system, it can face performance bottlenecks. One of the…
KRaft: Apache Kafka Without ZooKeeper
Apache Kafka has been a cornerstone of modern event streaming architectures, enabling reliable and scalable data pipelines for businesses worldwide.…
Using Kafka as a Fast Correlation Engine
In this article, we explore how Kafka Streams can be utilized for filtering and correlating events in real time, effectively…
Fluentd: How to Use a Parser With Regular Expression (regexp)
This guide explains configuring Fluentd to extract structured data from unstructured log messages using the parser plugin with a regular…