Vendor: Splunk

April 15, 2026 · View on GitHub

Product: Splunk Stream

Rules	Models	MITRE ATT&CK® TTPs	Activity Types	Parsers
5	0	5	2	0

Use-Case	Activity Types/Parsers	MITRE ATT&CK® TTP	Content
Malware	dns-query ↳splunk-stream-json-dns-request-success-query dns-response ↳splunk-stream-json-dns-response-success-messagetype	T1071 - Application Layer Protocol T1568 - Dynamic Resolution T1568.002 - Dynamic Resolution: Domain Generation Algorithms T1583 - T1583 T1583.001 - T1583.001	5 Rules

MITRE ATT&CK® Framework for Enterprise

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
									Dynamic Resolution Dynamic Resolution: Domain Generation Algorithms Application Layer Protocol