Detect Credit Card Numbers using Luhn Algorithm
Detect if any log file in Splunk contains Credit Card numbers.
How to Implement
Onboard application logs, debug logs and other locations where log files could be written. Then you should modify the first line in the detection to include all locations.
Known False Positives
The false positive rate for this should be low, although it is not impossible for a number series that happens to be a valid CC number to appear in a log file.
How To Respond
Immediately find the offending log file and investigate how the Credit Card numbers got written there. It might be an application or an attacker that has placed the numbers in the file.
Detect Credit Card Numbers using Luhn Algorithm Help
The detection first detects Credit Cards using a regex. It then applies the Luhn algorithm to validate if the number extracted is valid or not.
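The two-step logic described above (regex extraction, then Luhn validation), as an added Python example; it is not the page's SPL. The regex, the sample log lines, the masking of hits and the filter on all-identical digits are assumptions made for this illustration.

```python
import re

# Assumed candidate pattern: 13-19 digits, optionally separated by single
# spaces or hyphens, and not embedded in a longer run of digits.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

# Constructed sample log lines (well-known test card numbers, not real data).
SAMPLE_LOG = [
    "2024-01-15T10:22:31Z app=checkout level=DEBUG card=4111111111111111 exp=12/26",
    "2024-01-15T10:22:32Z app=checkout level=DEBUG pan=5555-5555-5555-4444",
    "2024-01-15T10:22:33Z app=checkout level=INFO order_id=4111111111111112 status=ok",
    "2024-01-15T10:22:34Z app=batch level=INFO rows=0000000000000000",
]

def luhn_valid(digits):
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:      # every second digit, counting from the right
            d *= 2
            if d > 9:       # same as adding the two digits of the product
                d -= 9
        total += d
    return total % 10 == 0

def find_card_numbers(line):
    """Extract regex candidates from one line and keep the Luhn-valid ones."""
    hits = []
    for m in CANDIDATE.finditer(line):
        digits = re.sub(r"[ -]", "", m.group())
        # All-identical digits (e.g. all zeros) pass Luhn; drop them as filler.
        if len(set(digits)) > 1 and luhn_valid(digits):
            hits.append(digits)
    return hits

def mask(digits):
    """Keep first six and last four digits so the alert does not repeat the leak."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]

def scan(lines):
    """Return (line_number, masked_number) for every validated hit."""
    return [(n, mask(d)) for n, line in enumerate(lines, 1) for d in find_card_numbers(line)]

if __name__ == "__main__":
    for n, masked in scan(SAMPLE_LOG):
        print(f"line {n}: {masked}")
```

Line 3 of the sample shows why the Luhn step matters: the regex alone would flag the order ID, but its checksum fails.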
SPL for Detect Credit Card Numbers using Luhn Algorithm
First we select a few sources that might contain dumped Credit Card numbers.