Web Server Threat Detection — Apache logs in Splunk

Platform: Apache on Ubuntu → Splunk EnterpriseGoal: Detect reconnaissance and probing activity on a web server by monitoring 404s and access to admin paths. summary I set up a Splunk Universal Forwarder on an Ubuntu VM to forward Apache access logs t...