From the course: Splunk for Security Analytics and Monitoring
Forwarding Linux logs to Splunk - Splunk Tutorial
- [Instructor] Imagine that you've got a Linux server and you need to gather the log data front end and send it over the network to an indexer somewhere else. So we've talked about heavy forwarders and universal forwarders, so which one should we use? Well, the answer really lies in the fact that if you need to do a lot of filtering at the source on the Linux host itself for that gathered log data, then you could use a heavy forwarder. Or, alternatively, if you want something very small and lightweight, you could use a universal forwarder and perhaps do filtering over at the indexer side. In this case, we're going to be using a universal forwarder, so we need to get it installed on Linux. So I've gone to the Free Trial and Downloads page for Splunk. And if I scroll down on that page, I'll eventually get down to the point where I've got the Splunk Universal Forwarder, so I'll click Download Now. That's going to start the…
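The transcript stops at the download step. What follows is an added example (not part of the course or of Splunk's own material) showing the two configuration files a Universal Forwarder on a Linux host actually needs once it is installed: outputs.conf, which names the indexer it ships events to, and inputs.conf, which lists the files to monitor. The indexer address indexer.example.com:9997, the index name os, the install path /opt/splunkforwarder and the monitored file paths are all assumptions for illustration; the sourcetype names linux_secure and syslog are Splunk's standard ones for those files. Because a Universal Forwarder does no parsing, the filtering the instructor mentions would live in props.conf and transforms.conf on the indexer (or on a heavy forwarder), not here.

```shell
#!/bin/sh
# Added example: lay down a minimal Splunk Universal Forwarder configuration
# on a Linux host. Indexer address, index name and paths are assumptions.
set -eu

SPLUNK_HOME="${SPLUNK_HOME:-/opt/splunkforwarder}"   # default UF install path
INDEXER="${INDEXER:-indexer.example.com:9997}"         # assumed indexer receiving port
OS_INDEX="${OS_INDEX:-os}"                             # assumed target index

# outputs.conf: where the forwarder sends data. The commented TLS keys show
# where the CA and client certificate go once mutual TLS is set up.
write_outputs_conf() {
    dir="$1"
    mkdir -p "$dir"
    cat > "$dir/outputs.conf" <<EOF
[tcpout]
defaultGroup = primary_indexers

[tcpout:primary_indexers]
server = $INDEXER
# Uncomment once the CA and client certificate are in place on this host.
#sslRootCAPath = \$SPLUNK_HOME/etc/auth/ca.pem
#clientCert = \$SPLUNK_HOME/etc/auth/forwarder.pem
#sslVerifyServerCert = true
EOF
}

# inputs.conf: which files to tail, and the sourcetype/index to tag them with.
# Tagging the sourcetype here is what lets the indexer parse them correctly.
write_inputs_conf() {
    dir="$1"
    mkdir -p "$dir"
    cat > "$dir/inputs.conf" <<EOF
[monitor:///var/log/auth.log]
sourcetype = linux_secure
index = $OS_INDEX
disabled = false

[monitor:///var/log/syslog]
sourcetype = syslog
index = $OS_INDEX
disabled = false
EOF
}

# Returns 0 when both files carry the stanzas the forwarder needs to start
# shipping events; used to sanity-check the result before restarting Splunk.
check_config() {
    dir="$1"
    grep -q '^\[tcpout:primary_indexers\]' "$dir/outputs.conf" &&
    grep -q "^server = $INDEXER" "$dir/outputs.conf" &&
    grep -q '^\[monitor:///var/log/auth.log\]' "$dir/inputs.conf"
}

# Splunk reads these files from $SPLUNK_HOME/etc/system/local on the forwarder.
main() {
    write_outputs_conf "$SPLUNK_HOME/etc/system/local"
    write_inputs_conf "$SPLUNK_HOME/etc/system/local"
    check_config "$SPLUNK_HOME/etc/system/local"
    # Then, as root: "$SPLUNK_HOME/bin/splunk" restart
}

# Only touch the real install path when explicitly asked: ./uf-setup.sh install
if [ "${1:-}" = "install" ]; then
    main
fi
```

Two things to check after the restart: the indexer must have a receiving port enabled (port 9997 is the conventional choice) and reachable from the host's firewall, and the account the forwarder runs as needs read access to the monitored files; on Debian-derived systems /var/log/auth.log is root:adm mode 640, so a dedicated forwarder user has to be added to the adm group or the events will silently never arrive.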
Contents
- Forwarding Linux logs to Splunk (10m 16s)
- Forwarding Windows log events to Splunk (10m 48s)
- Monitoring Windows files (8m 46s)
- Monitoring Windows printers (7m 16s)
- Configuring Snort IDS alerts for Splunk (7m 32s)
- Configuring an HTTP Event Collector (HEC) (7m 54s)
- Forwarding Microsoft AD events to Splunk Cloud (9m 1s)