More data onboarding









Time to check on security logs (firewalls), so we will add another application.
We will check our Ubuntu machine.





We will use the vim command on Linux.






We are checking the different sourcetypes in the data summary that we have so far.




We are missing information in some fields




We want to run some security searches. This is what Splunk can verify and filter with security logs.






We will try to find some new apps for security







We will check an application for firewall logs; it must have a CIM version.







The name is linux:iptable, and it is downloaded, as we can see in the data summary.


We are checking the events with linux:iptable.



Now we see a better description than before
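To illustrate why the events read better once an app with CIM field mappings parses them, here is an added example (not from the original post and not the app's own code) that extracts the key=value pairs from iptables LOG lines and renames them to CIM Network Traffic field names. The sample lines and the `IPT-DROP` / `IPT-ACCEPT` log prefixes are constructed assumptions.

```python
import re

# Constructed sample lines in the kernel's iptables LOG format; the
# "IPT-DROP: " / "IPT-ACCEPT: " prefixes are an assumed --log-prefix choice.
SAMPLE_LOGS = [
    "May 10 09:14:02 ubuntu kernel: [ 1234.567890] IPT-DROP: IN=eth0 OUT= "
    "MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 "
    "DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF PROTO=TCP "
    "SPT=51514 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0",
    "May 10 09:14:05 ubuntu kernel: [ 1237.000001] IPT-ACCEPT: IN=eth0 OUT= "
    "SRC=198.51.100.23 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=60 "
    "ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1",
]

KV = re.compile(r"\b([A-Z]+)=(\S*)")                       # raw KEY=value pairs
PREFIX = re.compile(r"kernel:(?: \[[^\]]*\])? (.*?)\s*IN=")  # text before IN=

# iptables key -> CIM Network Traffic field name
CIM_FIELDS = {"SRC": "src", "DST": "dest", "SPT": "src_port",
              "DPT": "dest_port", "PROTO": "transport"}


def normalize(line):
    """Return a dict of CIM-style fields, or None for non-iptables lines."""
    raw = dict(KV.findall(line))
    if "SRC" not in raw or "DST" not in raw:
        return None
    event = {cim: raw[key] for key, cim in CIM_FIELDS.items() if raw.get(key)}
    if "transport" in event:
        event["transport"] = event["transport"].lower()
    for port in ("src_port", "dest_port"):  # ICMP events carry no ports
        if port in event:
            event[port] = int(event[port])
    match = PREFIX.search(line)
    prefix = match.group(1).upper() if match else ""
    # Assumption: the rule's log prefix names the verdict.
    if "DROP" in prefix or "REJECT" in prefix:
        event["action"] = "blocked"
    elif "ACCEPT" in prefix:
        event["action"] = "allowed"
    return event


if __name__ == "__main__":
    for sample in SAMPLE_LOGS:
        print(normalize(sample))
```

Without this kind of mapping the event is only raw text plus whatever key=value pairs are auto-extracted, which is why fields looked incomplete before the app was installed.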




We learned how to find and add some apps, and what we should be looking for depending on what we need.

Reviewed by ohhhvictor on May 10, 2020
