Follow the steps in this recipe to identify potential session spoofing activity:
- Log in to your Splunk server.
- Select the Splunk Machine Learning Toolkit application.
- Click on the Assistants dropdown menu and select Forecast Time Series:
- Ensure the time range picker is set to Last 90 Days and type the following search into the search bar. Then, click on the search button or hit Enter:
index=main sourcetype=log4j requestType="checkout" | timechart sum(total) AS total span=1week
- The Splunk Machine Learning Toolkit will now return a Raw Data Preview of the results:
- Now, let's choose the appropriate options to perform ...