Splunk Add-on for Check Point OPSEC LEA version 4.3.1
Copyright (C) 2018 Splunk Inc. All Rights Reserved.
For documentation, see:
http://docs.splunk.com/Documentation/AddOns/latest/OPSEC-LEA
Install on the forwarder
Step 1. Remove the app
cd /opt/splunk/etc/apps/
rm -rf Splunk_TA_checkpoint-opseclea
Step 2. Restart
/opt/splunk/bin/splunk restart
Register the RHEL subscription (credentials replaced with placeholders):
subscription-manager register --username=<RHN_USERNAME> --password=<RHN_PASSWORD> --auto-attach
yum install -y glibc.i686
yum install -y pam
yum install -y pam.i686
Forwarder configuration
Splunk Add-on
Splunk APP
Splunk Answers
Splunk Universal Forwarder
collection
view
a href (link)
A navigation item can be either a view or a collection.
A collection item can contain multiple views, href links, or sub-items pa
Configuration location: Settings > User interface > Views, Navigation menus
Advanced development manual
APP
Splunk Apps website (Splunkbase)
Check Point App for Splunk
R80.10 Log Exporter T43 sk122323
Splunk Enterprise Security
Use Splunk Enterprise Security
About the Splunk Add-on for Websense DLP
Install on the search head
cd /opt/splunk/etc/apps
rm -rf Splunk_TA_websense-dlp
/opt/splunk/bin/splunk restart
The Splunk Add-on for Microsoft SQL Server
Command Modular Input
Check Point App for Splunk
(forwarder, indexer, and search head).
Simplified Chinese manual
Search command manual
Command quick reference
Splunk tool apps and add-ons: summary
Splunk network apps and add-ons: summary
Overview of Splunk apps and add-ons | Splunk
Splunk database apps and add-ons: summary
Splunk Supporting Add-on for Active Directory
Splunk App for Microsoft Exchange
Palo Alto Networks App for Splunk
NTsyslog
Evtsys - easily convert Windows event logs to syslog
Rule library
Parsing rules
Correlation rules
Merge rules
Multi-log rules
Linkage (automated response) rules
微步在线 (ThreatBook)
Threat intelligence
Splunk User Behavior Analytics (Splunk UBA)
Splunk App for Unix and Linux
Forwarding configuration file (outputs.conf):
/opt/splunk/etc/system/local/outputs.conf
Receiving configuration file (inputs.conf):
/opt/splunk/etc/system/local/inputs.conf
Paid; 60-day trial.
Splunk App for VMware
Splunk Add-on for VMware
Splunk OVA for VMware
F5 Networks - LTM
Splunk Add-on for F5 BIG-IP
Set up user authentication with LDAP
Splunk Add-on for NGINX (Search Heads)
Splunk Add-on for ISC BIND
Splunk DB Connect
Book: 《Splunk智能运维实战》, p. 204
To use Splunk DB Connect in a distributed search environment, including search head clusters, you must determine the planned use cases. For ad hoc, interactive usage of database connections by live users, install the app on search head(s). For scheduled indexing from databases and output of data to databases, install the app on heavy forwarder(s).
When planning a large DB Connect deployment, the ideal configuration for your needs can depend on a number of factors, including:
* Total number of Forwarders in the deployment, and the hardware specifications of each.
* Total expected data volume to transfer.
* Number of database inputs per Forwarder.
* Dataset size, per input, per interval.
* Execution frequency, the interval length between a database input's separate executions.
* Fetch size (note that not all JDBC drivers use this parameter for returning result sets).
Trend Micro Deep Security for Splunk
Splunk Add-on for Apache Web Server
Splunk App for Web Analytics
Website Monitoring
Web Page Monitor
Splunk Add-on for Microsoft IIS
Splunk Add-on for Microsoft Windows DNS
DDST DNS Analytics for Splunk
Windows DNS Logs Analytics
DNS Insight
Farsight DNSDB for Splunk
syslog-ng Open Source Edition - Technical Documentation
Installing latest syslog-ng on RHEL and other RPM distributions
See how to optimize SIEM with syslog-ng
Scaling to large networks with syslog-ng
Using syslog-ng with splunk
Syslog for windows
Splunk storage apps and add-ons: summary
Report Sender download URL:
https://apps.splunk.com/app/2614/
PDF Report Capture for Splunk
Smart PDF Exporter for Splunk
REST API Modular Input
Network Tools
Ping, DNS, Whois, speedtest
Ping federations
Splunk Add-on for Infoblox
Splunk self-signed certificates
Infoblox Intelligence
Infoblox ActiveTrust Cloud
Splunk Common Information Model (CIM)
https://docs.splunk.com/Documentation/CIM/latest/User/Overview