45 Page eBook
Splunk tools offer a great deal: software that performs real-time and historical search, log analysis, graphical representation, dashboards, PCI DSS compliance, reports and a lot of other cool stuff. Splunk can easily index structured or unstructured machine-generated text data. The best part of this tool is its search and analytics operations, which give you the power to manage machine-generated big data.
In this mini-course, you will learn several things. First, what Splunk is all about, then how it can help you in security and compliance matters, as well as the advantages of using it. Then we will explore basic concepts, such as how to install it on Linux as well as Windows environments, and then move on to configuration concepts such as the port Splunk uses and how to change the default port. Splunk has many flavors: Splunk Enterprise, Splunk Light, Splunk Cloud, and Hunk. In this course, we will start with Splunk Light (free edition with limited features), to which you can add your big, unmanaged log files as well as real-time logs and port monitoring.
Splunk offers great reporting and alert features. Using these functions, you can create reports and set alerts on particular events. We will learn how to use these functions with some very useful search commands. We have also added dashboard material to explain how you can see logs and search results in graphical charts that really help you in presentations. At the end of this mini-course, you will be able to learn how Splunk will help you to maintain PCI DSS compliance.