Analytics Story: Suspicious Ollama Activities

Updated Date: 2026-05-13 ID: 98ec707b-aaf9-43ce-b74d-7c2b49925a7b Author: Rod Soto, Splunk Product: Splunk Enterprise Security

Description

Leverage advanced Splunk searches to detect and investigate suspicious activities targeting Ollama local LLM framework, including prompt injection attacks, information extraction attempts, compliance violations, and anomalous user behaviors.

Why it matters

Modern adversaries targeting Ollama deployments employ increasingly sophisticated techniques that mirror traditional malware campaigns. Our detection framework identifies multi-stage attacks where threat actors use obfuscated prompts, layered social engineering, and persistent manipulation techniques to compromise local model security controls. These attacks often involve initial reconnaissance through seemingly benign API requests, followed by escalated attempts to extract model weights, manipulate Modelfile configurations, or establish persistent behavioral modifications through custom model injection.

Detections

Name ▲▼	Technique ▲▼	Type ▲▼
Ollama Possible API Endpoint Scan Reconnaissance	Active Scanning	Anomaly
Ollama Possible Model Exfiltration Data Leakage	Exfiltration Over Alternative Protocol	Anomaly
Ollama Suspicious Prompt Injection Jailbreak	Command and Scripting Interpreter, Exploit Public-Facing Application	Anomaly
Ollama Possible Memory Exhaustion Resource Abuse	Endpoint Denial of Service	Anomaly
Ollama Abnormal Service Crash Availability Attack	Service Stop	Anomaly
Ollama Possible RCE via Model Loading	Exploit Public-Facing Application	Anomaly
Ollama Excessive API Requests	Network Denial of Service	Anomaly
Ollama Abnormal Network Connectivity	Non-Standard Port	Anomaly

Data Sources

Name ▲▼	Platform ▲▼	Sourcetype ▲▼	Source ▲▼
Ollama Server	Other	`ollama:server`	`server.log`

References

Source: GitHub | Version: 2