https://everything-cyber.netlify.app/tags/ubuntu/Recent content in Ubuntu on Everything CyberHugo -- gohugo.ioen-usSun, 02 Jul 2023 12:49:58 +0530https://everything-cyber.netlify.app/blog/splunk/Sun, 02 Jul 2023 12:49:58 +0530https://everything-cyber.netlify.app/blog/splunk/Splunk Enterprise with remote Hosts Description This is a sample project to setup a Splunk SIEM lab and forward alerts and events from remote hosts to the splunk server for monitoring and analysing Prerequisites - Virtual box - Ubuntu server iso for hosting our Splunk server - Windows machine (here using windows 7) - Splunk Enterprise Edition and Splunk forwarder (we can get a 14 day trial version from Splunk to use the enterprise edition) Setup - Create 2 VM in Virtual box with Bridged network adapter and enabling Promiscuous mode