Log analysis may be the most underappreciated, unsexy aspect of information security. However, it is also one of the most important. Security logs act as a red flag and can be your best friend when protecting the perimeter.
If properly configured, a log can provide the time and place of every event that has occurred in your network or system. However, log analysis can be a tedious process, which is why a good log tool is indispensable. Splunk is a log analyzer tool, and a powerful one. It makes machine data searchable and displays it in an easy-to-understand way with a web dashboard. This makes it very useful for investigations, monitoring, and decision making.
To get started, visit Splunk (https://www.splunk.com/). Make a trial account and download the appropriate installer for your platform. Once installed, begin by working through the tutorial, About the Search Tutorial.
You will be presented with a sample data set that you can download here, as well: tutorialdata.zip. To complete this assignment, you will need to generate a report to address a query.

Parameters
The following criteria are what you are searching for: all instances of someone purchasing a product of type “simulation” from buttercupgames in the past 24 hours.

1. Using Splunk’s search criteria and field filters, narrow down the results to find the data you’re looking for. (You’ll want to look into the “action” field to get started.)
2. Step through the tutorial; it should guide you to the outcome.
3. Once completed, generate a report, and then export this report as a PDF.
4. Submit your PDF for credit.
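The search the assignment asks for, re-created offline so you can see what the filters do before running them in Splunk. This is an added example, not part of the assignment or of Splunk's tutorial material. The log lines are constructed in the Apache combined-with-cookie layout the tutorial data uses; the field names `action`, `categoryId` and `productId`, the product values, and the equivalent SPL in the docstring are assumptions about that layout. The `status=200` filter is a deliberate choice (count only completed checkouts); drop it if you want every attempt.

```python
"""Offline re-creation of the assignment's Splunk search (added example).

Equivalent SPL, with field names assumed from the tutorial data layout:
    sourcetype=access_combined_wcookie action=purchase categoryId=SIMULATION
        status=200 earliest=-24h
    | stats count by productId
"""
import re
from collections import Counter
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlparse

# "now" is pinned so the 24 h window is reproducible in tests.
NOW = datetime(2024, 4, 29, 12, 0, 0, tzinfo=timezone.utc)

# Constructed sample events (not real tutorialdata.zip contents).
SAMPLE_LOG = """\
91.205.189.15 - - [28/Apr/2024:18:22:16] "GET /cart.do?action=purchase&itemId=EST-16&productId=SF-BVS-G01&categoryId=SIMULATION HTTP/1.1" 200 1318 "http://www.buttercupgames.com/cart.do?action=view&itemId=EST-16" "Mozilla/5.0" 506
182.236.164.11 - - [28/Apr/2024:20:05:01] "GET /cart.do?action=purchase&itemId=EST-26&productId=WC-SH-G04&categoryId=STRATEGY HTTP/1.1" 200 1512 "http://www.buttercupgames.com/cart.do?action=view&itemId=EST-26" "Mozilla/5.0" 312
64.66.28.3 - - [28/Apr/2024:21:10:44] "GET /cart.do?action=addtocart&itemId=EST-16&productId=SF-BVS-G01&categoryId=SIMULATION HTTP/1.1" 200 1002 "http://www.buttercupgames.com/product.screen?productId=SF-BVS-G01" "Mozilla/5.0" 211
10.0.0.5 - - [28/Apr/2024:09:30:00] "GET /cart.do?action=purchase&itemId=EST-16&productId=SF-BVS-G01&categoryId=SIMULATION HTTP/1.1" 200 1318 "http://www.buttercupgames.com/cart.do?action=view&itemId=EST-16" "Mozilla/5.0" 433
203.0.113.7 - - [29/Apr/2024:03:45:12] "GET /cart.do?action=purchase&itemId=EST-17&productId=SF-BVS-01&categoryId=SIMULATION HTTP/1.1" 200 1290 "http://www.buttercupgames.com/cart.do?action=view&itemId=EST-17" "Mozilla/5.0" 288
198.51.100.9 - - [29/Apr/2024:08:12:33] "GET /cart.do?action=purchase&itemId=EST-16&productId=SF-BVS-G01&categoryId=SIMULATION HTTP/1.1" 503 402 "http://www.buttercupgames.com/cart.do?action=view&itemId=EST-16" "Mozilla/5.0" 1201
this is not an access log line
"""

# clientip, ident, user, [timestamp], "METHOD uri HTTP/x", status, bytes ...
LINE_RE = re.compile(
    r'^(?P<clientip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\d+|-)'
)


def parse_access_line(line):
    """Turn one access-log line into a field dict, or None if it is malformed.

    Query-string parameters (action, productId, categoryId, ...) become
    top-level fields, mirroring Splunk's automatic field extraction.
    """
    m = LINE_RE.match(line)
    if m is None:
        return None
    fields = {k: v[0] for k, v in parse_qs(urlparse(m["uri"]).query).items()}
    fields["clientip"] = m["clientip"]
    fields["status"] = int(m["status"])
    # The tutorial timestamps carry no zone; treat them as UTC.
    fields["_time"] = datetime.strptime(
        m["ts"], "%d/%b/%Y:%H:%M:%S").replace(tzinfo=timezone.utc)
    return fields


def search_simulation_purchases(log_text, now=NOW, window=timedelta(hours=24)):
    """Apply the assignment's filters: purchase + SIMULATION + last `window`."""
    earliest = now - window
    hits = []
    for line in log_text.splitlines():
        ev = parse_access_line(line)
        if ev is None:
            continue                          # skip unparseable lines
        if not earliest <= ev["_time"] <= now:
            continue                          # outside the time window
        if ev.get("action") != "purchase":
            continue                          # views, addtocart, etc.
        if ev.get("categoryId") != "SIMULATION":
            continue                          # other product types
        if ev["status"] != 200:
            continue                          # failed checkout (assumed filter)
        hits.append(ev)
    return hits


def report_by_product(events):
    """Equivalent of `| stats count by productId` for the report step."""
    return Counter(ev.get("productId", "unknown") for ev in events)


if __name__ == "__main__":
    found = search_simulation_purchases(SAMPLE_LOG)
    for product, count in sorted(report_by_product(found).items()):
        print(f"{product}\t{count}")
```

The `_time`, `action` and `status` names mirror what the tutorial's field sidebar shows; once the results look right here, the SPL in the docstring is the search to save as a report and export.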