Splunk: Log Management

SCENARIO INFORMATION

DESCRIPTION:

This scenario serves as a guide to learning about log management with Splunk.

Splunk is used for monitoring, searching, analyzing and visualizing system-generated data in real time. It can monitor and read different types of log files, and it stores the data as events in indexers.

OBJECTIVES AND OUTCOME:

After completing this scenario, you will be able to:

– Install Splunk on a CentOS 7 server
– Configure Splunk
– Change the Splunk license
– Configure Splunk to use SSL/TLS certificates
– Limit disk space requirements
– Add log sources to Splunk
– Analyse logs using Splunk
– Manage Splunk agent (Forwarder) installation
– Install Splunk on a Debian server
– Install Splunk on a Windows server
– Achieve log correlation using Splunk

PRE-REQUISITES:

To get the full benefit from this scenario, it is suggested that you have competencies in the following areas:

– Basic knowledge of Linux operating systems.

RECOMMENDED READING:

It is suggested that you consult these recommended reading resources and pre-existing scenarios:

https://www.tutorialspoint.com/splunk/index.htm

AUTHOR:

This scenario was created by Amos Kiprotich.

MODE: SINGLEPLAYER
TYPE: CYBER CHALLENGE
DIFFICULTY: INTERMEDIATE
TIME: 3 HOURS
COST: 100 GEMS
