ioc[.]one - OSINT Cyber Threat Intelligence Database

Context Menu - RSA NW to Splunk

Tags

attack-pattern:

Data Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	eef2fe35-6e4b-43f9-8cfb-1f5cc5f7390a
Fingerprint	fe5a657e60e4a4e8
Analysis status	DONE
Considered CTI value	1
Text language
Published	Sept. 16, 2016, 12:09 p.m.
Added to db	Jan. 18, 2023, 9:22 p.m.
Last updated	Nov. 17, 2024, 5:57 p.m.
Headline	NetWitness Community
Title	Context Menu - RSA NW to Splunk
Detected Hints/Tags/Attributes	23/1/9

Source URLs

	Redirection	Url
Details	Source	https://community.rsa.com/community/products/netwitness/blog/2016/09/16/context-menu-splunk-pivot

URL Provider

Details	Provider	Source level domain
Details	rsa.com	community.rsa.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	19		community.rsa.com
Details	Domain	2		uap.investigation.events
Details	Domain	20		alias.host
Details	Domain	1		aliast.host
Details	File	2		actions.url
Details	IPv4	3		192.168.1.250
Details	Threat Actor Identifier - APT	297		APT27
Details	Url	1		https://community.rsa.com/docs/doc-55125
Details	Url	1		http://192.168.1.250:8000/en-us/app/search/search?q=search