Cybersecurity class project 3 was centered around setting up Splunk and analyzing Apache and Windows logs. For me personally, it was a bit of a learning curve figuring out how to set up Splunk initially, as we were installing through Docker containers outside of the official method designed for our class (the infrastructure used for class was having tons of issues at the time). After getting everything set up properly, it seemed pretty straightforward, with the exception of needing to learn the specific keywords/terms/phrases used specifically for Splunk. It was a really neat experience being able to handle visual elements of logs, as well as being able to set up custom dashboards and alert/event-based triggers.
Log importing
Keyword searching
Dashboard visualizer
Alert/event-based triggers
Update 8/2024 – After getting more experience and progress with the hosting of my own website and server management, I have recently integrated Splunk monitoring of this server, as well as implementing automated alerts.
About The Author
Tyler
Tyler is a professional Tines automation specialist with a knack for problem-solving and troubleshooting. He has leveraged the Tines platform in non-traditional ways to streamline workplace tasks and also create unique interactive tools.