Splunk Enterprise with remote Hosts

Description

This is a sample project to set up a Splunk SIEM lab and forward alerts and events from remote hosts to the Splunk server for monitoring and analysing.

Prerequisites

- VirtualBox
- Ubuntu server ISO for hosting our Splunk server
- Windows machine (here using Windows 7)
- Splunk Enterprise Edition and Splunk forwarder (we can get a 14-day trial version from Splunk to use the Enterprise edition)

Setup

- Create 2 VMs in VirtualBox with Bridged network adapter and enabling Promiscuous mode...

July 2, 2023