Splunk London User Group - Wednesday 5th July 2023 - in-person/hybrid - Splunk HQ

London Splunk User Group

Wednesday, July 5, 2023, 5:20 – 6:30 PM UTC


About this event

I am pleased to announce the next Splunk London User Group event has been scheduled.
Our next event will be on Wednesday 5th July 2023 and continue in a hybrid format. So either come along to Splunk HQ at Paddington or join us remotely, what ever suits you.

Presenters = Stephen Kinghan & Gabriel Doyle-Finch, Hiscox

Title: Steve and Gabriel will cover some of the lessons learnt on their path to delivering the Hiscox Purple Team, using more recently the Splunk Attack Range from the Splunk Threat Research Team. They’ll be exploring how work with Attack Range feeds directly into improving how Use Cases are delivered, Applications are secured/assured, and how Threat Modelling / Mapping feeds into exercising their SIEM.

Register for either an in-person or remote using the link below


RSVP In-person register ends 4:00pm on Tuesday 4th July 2023

Additional information

This will be a practical session, walking through setting up Splunk Attack Range. You can follow the following instructions to prepare either a docker or Azure environment to leverage attack range in the session.Splunk Attack Range: Prerequisites

Local Environment
• A machine or virtual machine running a Unix-like OS (ideally Ubuntu) or …
• If using a Windows machine, install Windows Subsystem for Linux (WSL): https://learn.microsoft.com/en-us/windows/wsl/install
• To run WSL: Windows Key + R à Open: wsl
• Follow setup instructions in shell

With access to a Unix shell:
• Install Docker:

# For Debian-based systems:
sudo apt -y update && sudo apt -y upgrade && sudo apt -y install docker.io

# For Arch-based systems:
sudo pacman -Syu && sudo -S docker.io Cloud Environment

• An Azure account:
• If you do not currently have a personal and/or company Azure account, create a free one here: https://azure.microsoft.com/en-gb/free
• Signup requires a valid credit card, but there are no initial charges
• Free Azure accounts come with USD200 of credit
• A minimum quota of 13 vCPUs in the North Europe region is required
• Follow the instructions in this link: https://learn.microsoft.com/en-us/azure/quotas/quickstart-increase-quota-portal


Install WSL

Install Windows Subsystem for Linux with the command, wsl --install. Use a Bash terminal on your Windows machine run by your preferred Linux distribution - Ubuntu, Debian, SUSE, Kali, Fedora, Pengwin, Alpine, and more are available. 



Create Your Azure Free Account Today | Microsoft Azure

Get started with 12 months of free services, 40+ services that are always free, and USD200 in credit. Create your free account today with Microsoft Azure.



Quickstart - Request a quota increase in the Azure portal - Azure Quotas

This quickstart shows you how to increase a quota in the Azure portal.

As usual , any questions, get in touch.

Kind Regards




  • Stephen Kinghan


  • Gabriel Doyle-Finch




Wednesday, July 5, 2023
5:20 PM – 6:30 PM UTC

Venue map


  • Rupert Truman


  • Paul Brinkman

    Bank of England


  • Atanu Roy

  • Kirsty Lambert

  • Paul Brinkman

    Bank of England

Contact Us