Splunk Search Query – Linux Systems Auditing

Auditing of Linux systems is achieved with the auditd service, which is provided by installing the audit package. All system audit events are logged to /var/log/audit/audit.log. These audit.log files are forwarded to a Splunk indexer, which indexes the data; that indexed data is then leveraged to audit the Linux systems using Splunk search queries. We


Splunk and its Components

Splunk: it's all about machine data (logs) – Collect, Index and Analyze. Splunk is software that indexes IT machine data from any infrastructure component, such as applications, servers (physical and virtual), network devices, web servers, etc. The Splunk platform aggregates and analyzes the logs collected and indexed from these various components. It's powerful, versatile and fast
