Splunk in a Virtual Lab

Note: This post is the Introduction to the series on using Splunk in a Virtual Lab – The full series is Introduction, Part 1, Part 2, Part 3, and Part 4.

I have made a series of posts about integrating Splunk into a virtual security lab.

Posts

• Part 1: CentOS virtual machine for Splunk
• Part 2: Install Splunk on CentOS VM
• Part 3: Installing Splunk Forwarder on Ubuntu
• Part 4: Import data into Splunk

Resources

• CentOS - Minimal ISO
• CentOS - Mirror (you will need to find the one closest to you)
• Splunk
• PuTTY
• Ubuntu
• VirtualBox
• Video: Splunk Development - Creating a Linux Virtual Machine by 5minSplunk
  
  Part 1 | Part 2 | Part 3
• Video: Splunk Development - Creating a Virtual Machine using VirtualBox

Additional Reading/Articles

Setting up Splunk for Event Correlation in Your Home Lab

Input Data into Splunk

Input Data Video: https://www.splunk.com/en_us/training/videos/getting-data-in-to-splunk-enterprise-linux.html