Explore Corelight evidence in Humio Community Edition

Now available: A free and easy way to learn about Humio and Corelight.

As part of our alliance partnership with CrowdStrike and Humio, Corelight is excited to announce a new collaboration that allows our customers and the community to experience the value of evidence.

Starting today, Corelight example evidence is automatically available on the main screen of Humio Community Edition. The Corelight evidence is a continuous loop of network data taken from a Corelight sensor that includes DNS, HTTP, RDP, files, SSL, SSH, X509, and Suricata IDS detections. The example Corelight evidence is already ingested and parsed in Humio to ensure relevant fields are available for search. You can also use the evidence to explore the dashboards and queries included in the Corelight Sensor package and the Threat Hunting Guide package, both of which are available in the Humio Package Marketplace.

Ready to try it out? Head over to the Humio blog for instructions on how to get started along with suggestions on how to use the sample evidence to find suspicious files, visualize connections using Sankey diagrams, and create custom alerts.

 

By Ed Smith, Senior Product Marketing Manager, Corelight

Search

    Recent Posts