Playbook: Internal Host Splunk Investigate log4j
Description
Published in response to CVE-2021-44228, this playbook utilizes data already in your Splunk environment to help investigate and remediate impacts caused by this vulnerability in your environment.
Apps:
Associated Detections
How To Implement
This playbook presumes you have Enterprise Security and have configured Assets & Identities, as well as the Endpoint.Processes datamodel
Explore Playbook
Required fields
Reference
source | version: 1