- Product: Splunk Enterprise or Splunk Cloud
- Feature: Search
- Function: Firewall log monitoring
To optimize the search shown below, you should specify an index.
Attackers scan networks for IP addresses and ports so they can find a good entry point into your organization. You want to see if scanning activity is coming from someone other than an authorized person internally.