Cybersecurity class project 3 was centered around setting up Splunk and analyzing Apache and Windows logs. For me personally, it was a bit of a learning curve figuring out how to set up Splunk initially, as we were installing through Docker containers outside of the official method designed for our class (the infrastructure used for class was having tons of issues at the time). After getting everything set up properly, it seemed pretty straightforward, with the exception of needing to learn the specific keywords/terms/phrases used in Splunk. It was a really neat experience being able to handle visual elements of logs, as well as being able to set up custom dashboards and alert/event-based triggers.

  • Log importing
  • Keyword searching
  • Dashboard visualizer
  • Alert/event-based triggers

Update 8/2024 – After gaining more experience and making progress with hosting my own website and with server management, I have recently integrated Splunk monitoring of this server and implemented automated alerts.
