
Splunk as Patch Management

Builder

Hello.
How best to implement Patch Management in Splunk for Win\Linux?
Maybe some blogs, articles, or apps that can help me.

0 Karma

Re: Splunk as Patch Management

Contributor

Hi @test_qweqwe,
Could you go through the Splunk docs below?
https://docs.splunk.com/Documentation/PCI/3.4.1/Install/SystemPatchStatus


Re: Splunk as Patch Management

Builder

Yes, I saw this article, but I still do not understand how I can realize it.

0 Karma

Re: Splunk as Patch Management

SplunkTrust

That article is part of a larger document for the Splunk App for PCI Compliance app. The article by itself is not very helpful - you'd need to read most of the entire document and even then it's of little use without installing the app. One gets the app from Splunk Sales so there may be an extra cost involved.

---
If this reply helps you, an upvote would be appreciated.
0 Karma

Re: Splunk as Patch Management

SplunkTrust

It's not clear what you mean by "patch management".

Perhaps you want to deploy patches to your Windows and Linux servers. Splunk is not a patch management system. You would need a separate product, like Microsoft SCCM or IBM BigFix for that.

Perhaps you want to patch Splunk itself. Splunk does not ship patches. New versions of Splunk are released at intervals. To keep your Splunk instances current, install the new versions when they come out. Many shops choose to stay one or two versions behind to avoid unknown bugs.

Perhaps you want to track which patches are installed on your Windows and Linux systems. This is a great use for Splunk. You will, however, need a way to feed Splunk with two lists: 1) the software installed on your systems, including patch identifiers; 2) the software expected to be on those systems, including patch identifiers. Splunk can identify differences between those lists and highlight them for you.

---
If this reply helps you, an upvote would be appreciated.
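
The two-list comparison described in the answer above, as an added SPL sketch that is not part of the original thread or of any Splunk app. It assumes a hypothetical index `patch_inventory` with sourcetype `installed_patches` whose events carry `host` and `patch_id` fields (for example a KB number or a package version), and a hypothetical lookup file `expected_patches.csv` with the same two columns; all of these names are placeholders to replace with your own.

```spl
| inputlookup expected_patches.csv
| eval host=lower(host), source_list="expected"
| append
    [ search index=patch_inventory sourcetype=installed_patches earliest=-24h
      | eval host=lower(host)
      | stats latest(_time) as last_seen by host, patch_id
      | eval source_list="installed" ]
| stats values(source_list) as lists, max(last_seen) as last_seen by host, patch_id
| eval status=case(
    mvcount(lists)=2, "compliant",
    lists="expected", "missing",
    lists="installed", "unexpected")
| where status!="compliant"
| eval last_seen=strftime(last_seen, "%Y-%m-%d %H:%M:%S")
| table host, patch_id, status, last_seen
| sort host, status, patch_id
```

Rows marked `missing` are patches expected on a host but not reported by it in the last 24 hours; rows marked `unexpected` are reported by a host but absent from the expected list.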

Re: Splunk as Patch Management

Builder

Yeah, I need to track which patches are installed on my Windows and Linux systems.
But I really don't know how to realize such a solution, and I asked for some help. Maybe there are already implemented solutions? Maybe some apps?

0 Karma

Re: Splunk as Patch Management

Builder

Perfect! Love u!

0 Karma