小翔博客

splunk 常用资源

佚名 6年前 (2019-05-10) 随笔 2272人围观抢沙发百度已收录

Splunk Add-on for Check Point OPSEC LEA version 4.3.1 Copyright (C) 2018 Splunk Inc. All Rights Reserved. For documentation, see: http://docs.splunk.com/Documentation/AddOns/latest/OPSEC-LEA 安装在转发器 Step1. 删除APP cd /opt/splunk/etc/apps/ rm -rf Splunk_TA_checkpoint-opseclea Step2. 重启 /opt/splunk/bin/splunk restart 注册： subscription-manager register --username= lan_shiyun@126.com --password=lsy@2018 --auto-attach yum install -y glibc.i686 yum install -y pam yum install -y pam.i686 转发器配置 http://www.mottoin.com/tech/115392.html https://docs.splunk.com/Documentation/Forwarder/7.2.1/Forwarder/Configureforwardingwithoutputs.conf Splunk Add-on https://docs.splunk.com/Documentation/AddOns Splunk APP https://splunkbase.splunk.com/ Splunk Answers https://answers.splunk.com/index.html Splunk Universal Forwarder https://www.splunk.com/en_us/download/universal-forwarder.html https://www.splunk.com/page/previous_releases/universalforwarder https://docs.splunk.com/Documentation/Forwarder/latest/Forwarder/InstallaWindowsuniversalforwarderfromaninstaller#Choose_the_account_that_the_universal_forwarder_should_use https://blog.csdn.net/yeah_go/article/details/77894540 collection 集合 view 视图 a href 链接一个栏目可以是一个view, 也可以是一个collection．一个collection栏目下面可以有多个view视图、href链接或子栏目pa 配置位置：配置>用户界面>视图，导航栏高级开发手册 http://docs.splunk.com/Documentation/Splunk/latest/AdvancedDev https://docs.splunk.com/Documentation/Splunk/7.2.4/Admin/Webconf https://docs.splunk.com/Documentation/Splunk/7.2.4/Admin/Appconf#app.conf.spec APP http://splunk.force.com/SplunkCloud?prdType=EnterpriseSecurity&_ga=2.92242522.1900337799.1548724259-798176765.1547514836 Splunk Apps网站 http://apps.splunk.com Check Point App for Splunk https://splunkbase.splunk.com/app/4293/ https://sc1.checkpoint.com/documents/App_for_Splunk/html_frameset.htm http://supportcontent.checkpoint.com/solutions?id=sk122323 https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31311&partition=General&product=SmartView R80.10 Log Exporter T43 sk122323 https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=62128 Splunk Enterprise Security https://splunkbase.splunk.com/app/263/ https://splunkbase.splunk.com/app/2897/ Use Splunk Enterprise Security https://docs.splunk.com/Documentation/ES/4.5.0/User/Overview About the Splunk Add-on for Websense DLP https://docs.splunk.com/Documentation/AddOns/released/WebsenseDLP/About 安装在搜索头 cd /opt/splunk/etc/apps rm -rf Splunk_TA_websense-dlp /opt/splunk/bin/splunk restart The Splunk Add-on for Microsoft SQL Server https://docs.splunk.com/Documentation/AddOns/released/MSSQLServer/About Command Modular Input https://splunkbase.splunk.com/app/1553/ Check Point App for Splunk https://splunkbase.splunk.com/app/4293/ https://sc1.checkpoint.com/documents/App_for_Splunk/html_frameset.htm (forwarder, indexer, and search head). 简体中文版手册 https://docs.splunk.com/Documentation/Splunk/6.5.0/Translated/SimplifiedChinesemanuals 搜索命令手册 https://docs.splunk.com/Documentation/Splunk/7.2.5/SearchReference/Collect Command quick reference https://docs.splunk.com/Documentation/Splunk/7.2.6/SearchReference/ListOfSearchCommands Splunk 工具App和Add-on整理总结 https://blog.csdn.net/ffjl1985/article/details/78626506 Splunk 网络App和Add-on整理总结 https://blog.csdn.net/ffjl1985/article/details/78626252 Overview of Splunk apps and add-ons | Splunk http://dev.splunk.com/view/SP-CAAAFDW Splunk 数据库App和Add-on整理总结 https://blog.csdn.net/ffjl1985/article/details/78626288 Splunk Supporting Add-on for Active Directory https://splunkbase.splunk.com/app/1151/ https://docs.splunk.com/Documentation/SA-LdapSearch/2.2.0/User/AbouttheSplunkSupportingAdd-onforActiveDirectory Splunk App for Microsoft Exchange https://splunkbase.splunk.com/app/1660/ Palo Alto Networks App for Splunk https://splunkbase.splunk.com/app/491/ https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle NTsyslog http://ntsyslog.sourceforge.net/ https://sourceforge.net/projects/ntsyslog/files/Installer/NTSyslog%201.15%20%28full%29/ Evtsys–轻松将Windows日志转换为SYSLOG http://sns.iianews.com/space-527920-do-blog-id-11536.html https://www.snaresolutions.com/products/snare-agents/open-source-agents/ 规则库 https://xz.aliyun.com/t/1974 解析规则库关联规则合并规则多日志规则联关动规则微步在线 https://x.threatbook.cn/api 威胁情报 https://threatbook.cn/product/tip Splunk User Behavior Analytics (Splunk UBA) https://splunkbase.splunk.com/app/2941/#/overview Splunk App for Unix and Linux https://splunkbase.splunk.com/app/273/ 转发配置文件 outputs. /opt/splunk/etc/system/local/outputs.conf 接收配置文件 /opt/splunk/etc/system/local/inputs.conf https://www.kiwisyslog.com/downloads 收费，试用60天。 Splunk App for VMware https://splunkbase.splunk.com/app/725/ Splunk Add-on for VMware https://splunkbase.splunk.com/app/3215/ Splunk OVA for VMware https://splunkbase.splunk.com/app/3216/ F5 Networks - LTM https://splunkbase.splunk.com/app/812/ Splunk Add-on for F5 BIG-IP https://splunkbase.splunk.com/app/2680/ https://docs.splunk.com/Documentation/AddOns/latest/F5BIGIP/About Set up user authentication with LDAP https://docs.splunk.com/Documentation/Splunk/latest/Security/SetUpUserAuthenticationWithLDAP Splunk Add-on for NGINX (Search Heads) https://splunkbase.splunk.com/app/3258/ https://docs.splunk.com/Documentation/AddOns/latest/nginx/About https://www.weblogexpert.com/info/NginxLogs.htm https://www.weblogexpert.com/sample/index.htm http://nginx.org/en/docs/http/ngx_http_log_module.html https://docs.nginx.com/nginx/admin-guide/monitoring/logging/ https://stackoverflow.com/questions/25591828/nginx-logging-to-syslog Splunk Add-on for ISC BIND https://splunkbase.splunk.com/app/2876/#/details https://docs.splunk.com/Documentation/AddOns/latest/ISCBIND/About Splunk DB Connect 《Splunk智能运维实战》p204 https://splunkbase.splunk.com/app/2686/ https://docs.splunk.com/Documentation/DBX/latest To use Splunk DB Connect in a distributed search environment, including search head clusters, you must determine the planned use cases. For ad hoc, interactive usage of database connections by live users, install the app on search head(s). For scheduled indexing from databases and output of data to databases, install the app on heavy forwarder(s). When planning a large DB Connect deployment, the ideal configuration for your needs can depend on a number of factors, including: * Total number of Forwarders in the deployment, and the hardware specifications of each. * Total expected data volume to transfer. * Number of database inputs per Forwarder. * Dataset size, per input, per interval. * Execution Frequency, the interval length between a database input's separate executions. * Fetch size (note that not all JDBC drivers use this parameter for returning result sets). https://dev.mysql.com/downloads/connector/j/ https://docs.microsoft.com/en-us/sql/connect/jdbc/microsoft-jdbc-driver-for-sql-server?view=sql-server-2017 Trend Micro Deep Security for Splunk https://splunkbase.splunk.com/app/1936/ Splunk Add-on for Apache Web Server https://splunkbase.splunk.com/app/3186/ https://www.loggly.com/ultimate-guide/centralizing-apache-logs/ http://httpd.apache.org/docs/current/mod/mod_log_config.html https://docs.splunk.com/Documentation/AddOns/latest/ApacheWebServer/About Splunk App for Web Analytics https://splunkbase.splunk.com/app/2699/#/details Website Monitoring https://splunkbase.splunk.com/app/1493/#/details Web Page Monitor https://splunkbase.splunk.com/app/29/#/overview Splunk Add-on for Microsoft IIS https://splunkbase.splunk.com/app/3185/ https://docs.splunk.com/Documentation/AddOns/latest/MSIIS/About Splunk Add-on for Microsoft Windows DNS https://splunkbase.splunk.com/app/3208/ DDST DNS Analytics for Splunk https://splunkbase.splunk.com/app/1090/ Windows DNS Logs Analytics https://splunkbase.splunk.com/app/3012/ DNS Insight https://splunkbase.splunk.com/app/1827/#/details Farsight DNSDB for Splunk https://splunkbase.splunk.com/app/3050/ syslog-ng Open Source Edition - Technical Documentation https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition/3.20 Installing latest syslog-ng on RHEL and other RPM distributions https://www.syslog-ng.com/community/b/blog/posts/installing-latest-syslog-ng-on-rhel-and-other-rpm-distributions See how to optimize SIEM with syslog-ng https://www.youtube.com/watch?v=-mlhu9dSpe0 Scaling to large networks with syslog-ng https://www.youtube.com/watch?v=NAtKt5wrV3c Using syslog-ng with splunk https://www.splunk.com/blog/2016/03/11/using-syslog-ng-with-splunk.html Syslog for windows https://nxlog.co/products/all/download https://nxlog.co/docs/nxlog-ce/nxlog-reference-manual.html

Splunk 存储App和Add-on整理总结

https://blog.csdn.net/ffjl1985/article/details/78626333

Splunk 工具App和Add-on整理总结

https://blog.csdn.net/ffjl1985/article/details/78626506 报表自动发送（Report Sender）下载地址： https://apps.splunk.com/app/2614/ PDF Report Capture for Splunk https://splunkbase.splunk.com/app/4132/ Smart PDF Exporter for Splunk https://splunkbase.splunk.com/app/4030/#/details REST API Modular Input https://splunkbase.splunk.com/app/1546/ Network Tools Ping dns Whois speedtest https://splunkbase.splunk.com/app/3491/ Ping federations https://splunkbase.splunk.com/app/976/ Splunk Add-on for Infoblox https://splunkbase.splunk.com/app/2934/#/details https://docs.splunk.com/Documentation/AddOns/latest/Infoblox/About splunk 自签证书 https://docs.splunk.com/Documentation/Splunk/7.0.3/Security/Howtoself-signcertificates Infoblox Intelligence https://splunkbase.splunk.com/app/4472/ https://splunkbase.splunk.com/app/4472/#/details Infoblox ActiveTrust Cloud https://splunkbase.splunk.com/app/3850/ Splunk Common Information Model (CIM) https://splunkbase.splunk.com/app/1621/#/details https://docs.splunk.com/Documentation/CIM/latest/User/Overview

扫码关注我们

微信号：SRE实战

拒绝背锅运筹帷幄

赞 0 赏分享

转载请注明 : 文章转载自小翔博客 splunk 常用资源

本文标题：splunk 常用资源

本文链接：https://www.liuyixiang.com/post/85778.html

上一篇 : 我的.eslintrc.js

下一篇 : 各种网址集合

评论列表暂无评论

发表评论

« 2024年2月 »
一	二	三	四	五	六	日
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29