Splunk Development Day 3: - Vikram Yadav (VY)

Uploaded by

Loga K

0% found this document useful (0 votes)

70 views10 pages

Original Title

Splunk-Day3

Copyright

Available Formats

PPTX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

70 views10 pages

Splunk Development Day 3: - Vikram Yadav (VY)

Uploaded by

Loga K

Copyright:

Available Formats

Download as PPTX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 10

Search inside document

Splunk

Development
Day 3
- Vikram Yadav (VY)

Your attendance & progress of the course will be calculated based

on the completion of the assignments and quiz.
Agenda – Day 3
• Getting data in
• Understanding Data
• Upload, Monitor and forward
• Configuration File
• Lab
Getting Data in
• JSON File
• XML File
• Log File
• Log File with Timestamp
• TXT File
• Proprietary format
• CSV File
• ZIP/GZ compressed files
Getting Data in
• Host: This is used to identify the host from where the data is coming

• Index: This is used to set the path where you want the data to be stored

• Source: This is used to identify the path from where you are collecting data

• Sourcetype: This is used to determine the format of incoming data

Getting Data in

Upload Monitor Forward

Local/Remote Event Logs
Files/Directories
TCP/UDP
Local/Remote
Performance Monitoring
Registry Monitoring
AD Monitoring
Windows
Host/Network/Print
Monitoring
Scripts/PowerShell input
Configuration Files
• Where will you find this files?
• $SPLUNK_HOME/etc/system/default
• $SPLUNK_HOME/etc/system/local
• $SPLUNK_HOME/etc/apps/default
• $SPLUNK_HOME/etc/apps/local

• Precedence
• System local directory — highest priority
• App local directories
• App default directories
• System default directory — lowest priority
Configuration Files
• What is stored in this config files? ( example - \etc\system\README)
• System Settings
• Authentication
• Authorization
• Indexes
• Deployment Configurations
• Cluster Configurations
• Saved Searches
Configuration Files
• Common/Mostly used Configuration Files?
• inputs.conf
• outputs.conf
• props.conf
• savedsearches.conf
• indexes.conf
• authentication.conf
• authorize.conf
Lab

• Upload any Log File/Windows Source on Splunk

• Monitor files / Directory
• Local Performance Monitoring

Please submit an email with a screenshot of the assignment before the commencement of the next class, Also in order to
move forward with the course, it is important to complete this assignment. If you are unable to complete the assignment or
need any assistance regarding the same, please email me at vikram@avotrix.com
Question & Answer.....

Forerense en Linux
Document18 pages
Forerense en Linux
Kika Arteaga F
No ratings yet
Unix Filestructure Related System Calls
Document26 pages
Unix Filestructure Related System Calls
Meghana
No ratings yet
Memory Forensic in Incident Response
Document74 pages
Memory Forensic in Incident Response
Sunidhi Jain
100% (1)
Forensic Analysis of A Windows 2000 Server Operating System: Joshua Young CS585F - Fall 2002
Document63 pages
Forensic Analysis of A Windows 2000 Server Operating System: Joshua Young CS585F - Fall 2002
Khan Bahi
No ratings yet
Digital Forensics Tools for Investigations
Document51 pages
Digital Forensics Tools for Investigations
israa
No ratings yet
splunk basics
Document13 pages
splunk basics
akshat jain
No ratings yet
Akuisisi Data: Forensic Computer
Document76 pages
Akuisisi Data: Forensic Computer
Darma
No ratings yet
Guide To Computer Forensics and Investigations Fourth Edition
Document58 pages
Guide To Computer Forensics and Investigations Fourth Edition
Mr J Briso Beclay Bell IT
No ratings yet
File Management
Document67 pages
File Management
Tharaka Methsara
No ratings yet
SCI4201 Lecture 4 - Data Acquistion
Document46 pages
SCI4201 Lecture 4 - Data Acquistion
onele mabhena
No ratings yet
File Concept Access Methods Directory Structure File System Mounting File Sharing Protection
Document30 pages
File Concept Access Methods Directory Structure File System Mounting File Sharing Protection
Farooq Shad
No ratings yet
Red Hat Enterprise Linux Troubleshooting Guide
From Everand
Red Hat Enterprise Linux Troubleshooting Guide
Cane Benjamin
Rating: 4 out of 5 stars
4/5 (1)
GDC - Wrapper
Document53 pages
GDC - Wrapper
api-3754320
No ratings yet
Unix: System Administration and Security
Document33 pages
Unix: System Administration and Security
anoop
100% (2)
File MGMT
Document41 pages
File MGMT
Roshan Nandan
No ratings yet
39 - Physical Memory Forensics
Document53 pages
39 - Physical Memory Forensics
smithm007
No ratings yet
File System
Document37 pages
File System
Zainab Hameed
No ratings yet
Guide To Computer Forensics and Investigations Fourth Edition
Document56 pages
Guide To Computer Forensics and Investigations Fourth Edition
MD HOSSAIN
No ratings yet
CH 04
Document13 pages
CH 04
balajinaik07
No ratings yet
Files File System Core Lecture
Document36 pages
Files File System Core Lecture
vivek
No ratings yet
Unix File System
Document15 pages
Unix File System
Vamsi Krishna
No ratings yet
Chapter 3 - Files and IO
Document33 pages
Chapter 3 - Files and IO
noahmuller
No ratings yet
14 File System Implementation
Document46 pages
14 File System Implementation
demelash belay
No ratings yet
Week 11
Document78 pages
Week 11
manyagarg787
No ratings yet
DFS Design and Implementation: Brent R. Hafner
Document40 pages
DFS Design and Implementation: Brent R. Hafner
Shweta panwar
No ratings yet
Osy Ch. 02
Document36 pages
Osy Ch. 02
Sizzleropqm Kejen
No ratings yet
Chapter 5 File Management
Document37 pages
Chapter 5 File Management
Brian Mutuku
100% (1)
RAllen Windows Server 2003 Command-Line Tools
Document22 pages
RAllen Windows Server 2003 Command-Line Tools
coj232831
No ratings yet
Data Acquisition Methods and Techniques
Document29 pages
Data Acquisition Methods and Techniques
يُ يَ
No ratings yet
File Sys 1 PDF
Document43 pages
File Sys 1 PDF
vidishsa
No ratings yet
OS File Systems and Directories
Document86 pages
OS File Systems and Directories
AN NINH NGUYEN
No ratings yet
Operating System Unit-V
Document64 pages
Operating System Unit-V
suresh R
No ratings yet
File System Forensics: Dr. N.B. Venkateswarlu
Document42 pages
File System Forensics: Dr. N.B. Venkateswarlu
venkat_ritch
No ratings yet
Windows System Artifacts
Document35 pages
Windows System Artifacts
Ain Anuar
No ratings yet
Operating Systems and Linux II
Document25 pages
Operating Systems and Linux II
divyarai12345
No ratings yet
Advance C Project Chapter 2 (Introduction To File Handling in C-Part 1)
Document13 pages
Advance C Project Chapter 2 (Introduction To File Handling in C-Part 1)
THULASI
No ratings yet
Presentation On Backup
Document41 pages
Presentation On Backup
Manish Kapoor
No ratings yet
09 Creating An Oracle Database
Document105 pages
09 Creating An Oracle Database
papusaha
No ratings yet
3-1 Unix PPTS
Document828 pages
3-1 Unix PPTS
Aditya Singh
No ratings yet
Chapter 3 With With CentOS
Document39 pages
Chapter 3 With With CentOS
Pong Daro
No ratings yet
The Process: Ami Tri Cahyadi
Document24 pages
The Process: Ami Tri Cahyadi
ansep12
No ratings yet
Ch. 2 ... Part - 4
Document15 pages
Ch. 2 ... Part - 4
V
No ratings yet
Operating System Services
Document20 pages
Operating System Services
Archana Gupta
No ratings yet
08 Filesys
Document12 pages
08 Filesys
tadese naty
No ratings yet
Distributed File Systems
Document50 pages
Distributed File Systems
rid9
No ratings yet
File carving fundamentals and techniques
Document39 pages
File carving fundamentals and techniques
puggod
No ratings yet
CH 09
Document56 pages
CH 09
debbyta
No ratings yet
Data Formats
Document89 pages
Data Formats
Rachit Anand
No ratings yet
Actionable DFIR: High Level System Analysis To Get Answers Fast
Document21 pages
Actionable DFIR: High Level System Analysis To Get Answers Fast
Chad Graham
100% (2)
Lecture 1
Document23 pages
Lecture 1
Pavan Kumar
No ratings yet
Lecture 11
Document40 pages
Lecture 11
Alem Mezgebo
No ratings yet
Advances in File Carving: Rob Zirnstein, President Forensic Innovations, Inc
Document26 pages
Advances in File Carving: Rob Zirnstein, President Forensic Innovations, Inc
ljdwhiz1
No ratings yet
Chapter 7 & 8 File Systems: Computer Department SPIT, Piludara
Document80 pages
Chapter 7 & 8 File Systems: Computer Department SPIT, Piludara
jigneshbalol29
No ratings yet
1-File Structure
Document17 pages
1-File Structure
Frankk velasco
No ratings yet
Data Onboarding From Scratch
Document51 pages
Data Onboarding From Scratch
Abhinav
No ratings yet
CH 04 I C
Document93 pages
CH 04 I C
balajinaik07
No ratings yet
File System
Document30 pages
File System
Rishabh Chandila
No ratings yet
Alfresco 3 Records Management
From Everand
Alfresco 3 Records Management
Dick Weisinger
No ratings yet
Mastering SaltStack - Second Edition
From Everand
Mastering SaltStack - Second Edition
Hall Joseph
No ratings yet
Linux Shell Scripting Essentials
From Everand
Linux Shell Scripting Essentials
Kumari Sinny
Rating: 1.5 out of 5 stars
1.5/5 (2)
Splunk Development Day 3: - Vikram Yadav (VY)
Document10 pages
Splunk Development Day 3: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 1 Overview
Document34 pages
Splunk Development Day 1 Overview
Loga K
No ratings yet
Splunk Development Day 4: - Vikram Yadav (VY)
Document18 pages
Splunk Development Day 4: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 5: - Vikram Yadav (VY)
Document29 pages
Splunk Development Day 5: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 2: - Vikram Yadav (VY)
Document14 pages
Splunk Development Day 2: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 2: - Vikram Yadav (VY)
Document14 pages
Splunk Development Day 2: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 4: - Vikram Yadav (VY)
Document18 pages
Splunk Development Day 4: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 5: - Vikram Yadav (VY)
Document29 pages
Splunk Development Day 5: - Vikram Yadav (VY)
Loga K
No ratings yet
Splunk Development Day 1 Overview
Document34 pages
Splunk Development Day 1 Overview
Loga K
No ratings yet
Data Transform Superclass Feature
Document2 pages
Data Transform Superclass Feature
Umith Indula
No ratings yet
GIS Article Review
Document2 pages
GIS Article Review
Halimah Sheikh
No ratings yet
J1.L.P0029-Tour Management-500
Document3 pages
J1.L.P0029-Tour Management-500
shinkiriloveforever
No ratings yet
Data Scraping & Crawling For Beginners To Data Analysis
Document9 pages
Data Scraping & Crawling For Beginners To Data Analysis
Adri Yasper
No ratings yet
Using Oracle Cloud Infrastructure Ravello Service
Document55 pages
Using Oracle Cloud Infrastructure Ravello Service
Domenico Conte
No ratings yet
Check Video Ads
Document231 pages
Check Video Ads
thu
No ratings yet
Rails Basics
Document229 pages
Rails Basics
achhu
No ratings yet
AutroSafe 4 Configuration Tool Overview
Document20 pages
AutroSafe 4 Configuration Tool Overview
Juan Luis
No ratings yet
cc2500 Con
Document25 pages
cc2500 Con
prasad357
No ratings yet
List of 7400 Series Integrated Circuits - Wikipedia, The Free Encyclopedia
Document11 pages
List of 7400 Series Integrated Circuits - Wikipedia, The Free Encyclopedia
Hermes Heli Retiz Alvarez
No ratings yet
Mavrix
Document16 pages
Mavrix
Rock Mark
No ratings yet
SOP Saint Louis University
Document2 pages
SOP Saint Louis University
wwecraje
No ratings yet
DYNA4 Car Professional
Document4 pages
DYNA4 Car Professional
RasoolKhadibi
No ratings yet
Hawassa University: Institute of Technology
Document7 pages
Hawassa University: Institute of Technology
Anduamlak Alehegne
No ratings yet
Overview and Applications of Profinet: Andy Verwer Verwer Training & Consultancy LTD
Document33 pages
Overview and Applications of Profinet: Andy Verwer Verwer Training & Consultancy LTD
Ramanathan
No ratings yet
ECDIS - Industry Recommendations For ECDIS Familiarisation
Document8 pages
ECDIS - Industry Recommendations For ECDIS Familiarisation
morgoths
No ratings yet
Power BI Version Control Key Concepts 1697687361
Document27 pages
Power BI Version Control Key Concepts 1697687361
mhasanakhtar92
No ratings yet
Manual ZTE ZXCTN-6200-V11 20090825 EN V1
Document73 pages
Manual ZTE ZXCTN-6200-V11 20090825 EN V1
2011273434
No ratings yet
MAIN Electrical Parts List: Firmware
Document9 pages
MAIN Electrical Parts List: Firmware
Servi-vent Moreno
No ratings yet
IP Lab Manual 8661 Ready
Document105 pages
IP Lab Manual 8661 Ready
RADHA
No ratings yet
Multi-Level Packaging in Delivery
Document2 pages
Multi-Level Packaging in Delivery
Sathyanarayana Bodgmkar
No ratings yet
Microsoft Symbol and Type Information Formats Specification
Document87 pages
Microsoft Symbol and Type Information Formats Specification
Dee Jay
No ratings yet
Ankit PYTHON LAB
Document17 pages
Ankit PYTHON LAB
Mic Cav
No ratings yet
Computer Programming Old Questions Number-Wise Solutions: Question No. 1
Document20 pages
Computer Programming Old Questions Number-Wise Solutions: Question No. 1
Rusano Irakuga
No ratings yet
VSM Recruiting-The Lean Way
Document12 pages
VSM Recruiting-The Lean Way
rinto.ep
No ratings yet
Radix Sort
Document5 pages
Radix Sort
Mohd arman
No ratings yet
High Performance Grid Computing Introduction
Document37 pages
High Performance Grid Computing Introduction
Prathamesh
No ratings yet
Thesis Hamza Ed-Douibi PDF
Document200 pages
Thesis Hamza Ed-Douibi PDF
mauricioville
No ratings yet
Welcome To The Tribe
Document19 pages
Welcome To The Tribe
Muhammad Yasir
No ratings yet
HP 3600 v2 Switch Series - Security Configuration Guide
Document398 pages
HP 3600 v2 Switch Series - Security Configuration Guide
Allan Berg
No ratings yet