← Library
splApache-2.0from splunk/security_content

HTTP RMM User Agent

This Splunk query analyzes web logs to identify and categorize user agents, detecting various types of Remote Monitoring and Mangement applications. This activity can signify possible compromised hosts on the network.

Quality
67
FP risk
Forks
0
Views
0
Rule source🔒 locked
🔒

Sign in to view the rule source

Free accounts can view the source for the top-ranked rules. Create one in seconds — no credit card required.

Sign in →