Splunk London User Group - Wednesday 5th July 2023 - in-person/hybrid - Splunk HQ

Jul 5, 2023, 5:20 – 6:30 PM

We are back with our 4th SLUG event of 2023. So register to join us in-person or remote, choice is yours. Full details in the event description area.

About this event

I am pleased to announce the next Splunk London User Group event has been scheduled.
Our next event will be on Wednesday 5th July 2023 and continue in a hybrid format. So either come along to Splunk HQ at Paddington or join us remotely, what ever suits you.

Presenters = Stephen Kinghan & Gabriel Doyle-Finch, Hiscox

Title: Steve and Gabriel will cover some of the lessons learnt on their path to delivering the Hiscox Purple Team, using more recently the Splunk Attack Range from the Splunk Threat Research Team. They’ll be exploring how work with Attack Range feeds directly into improving how Use Cases are delivered, Applications are secured/assured, and how Threat Modelling / Mapping feeds into exercising their SIEM.

Register for either an in-person or remote using the link below


RSVP In-person register ends 4:00pm on Tuesday 4th July 2023

Additional information

This will be a practical session, walking through setting up Splunk Attack Range. You can follow the following instructions to prepare either a docker or Azure environment to leverage attack range in the session.Splunk Attack Range: Prerequisites

Local Environment
• A machine or virtual machine running a Unix-like OS (ideally Ubuntu) or …
• If using a Windows machine, install Windows Subsystem for Linux (WSL): https://learn.microsoft.com/en-us/windows/wsl/install
• To run WSL: Windows Key + R à Open: wsl
• Follow setup instructions in shell

With access to a Unix shell:
• Install Docker:

# For Debian-based systems:
sudo apt -y update && sudo apt -y upgrade && sudo apt -y install docker.io

# For Arch-based systems:
sudo pacman -Syu && sudo -S docker.io Cloud Environment

• An Azure account:
• If you do not currently have a personal and/or company Azure account, create a free one here: https://azure.microsoft.com/en-gb/free
• Signup requires a valid credit card, but there are no initial charges
• Free Azure accounts come with USD200 of credit
• A minimum quota of 13 vCPUs in the North Europe region is required
• Follow the instructions in this link: https://learn.microsoft.com/en-us/azure/quotas/quickstart-increase-quota-portal


Install WSL

Install Windows Subsystem for Linux with the command, wsl --install. Use a Bash terminal on your Windows machine run by your preferred Linux distribution - Ubuntu, Debian, SUSE, Kali, Fedora, Pengwin, Alpine, and more are available. 



Create Your Azure Free Account Today | Microsoft Azure

Get started with 12 months of free services, 40+ services that are always free, and USD200 in credit. Create your free account today with Microsoft Azure.



Quickstart - Request a quota increase in the Azure portal - Azure Quotas

This quickstart shows you how to increase a quota in the Azure portal.

As usual , any questions, get in touch.

Kind Regards




  • Stephen Kinghan


  • Gabriel Doyle-Finch




Wednesday, July 5, 2023
5:20 PM – 6:30 PM UTC


  • Rupert Truman


    Senior Consulting Sales Engineer

  • Paul Brinkman

    Bank of England


  • Even Hvatum-Biggs


    User Group Leader

  • Rupert Truman

    User Group Leader - Splunker Support

Contact Us