Posts

Showing posts from May, 2017

Splunk - Adding a lookup

These days many companies have started using Splunk for security monitoring, and the only thing I can say is “it is worth it”.

Splunk can significantly reduce the workload. Just imagine that you are operating more than 20 security solutions which generate tons of logs, and you have to identify an attack and, of course, react in a prompt fashion. I can certainly recommend Splunk for such scenarios. Of course everything comes at a cost, and Splunk is definitely not a cheap product.

I have been using Splunk for the past 3 years, but from time to time I still need to google some stuff to fix my issues, and many times I have had to spend a bit too much time even though the Splunk community is very strong. Maybe I was not looking in the right direction, and perhaps I was too naive to understand what others were talking about. Therefore, through the medium of my blog, I will share some useful information for all Splunk users.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

C