Getting Data In

Can I run Splunk on a Virtual Machine in a NetLab environment to monitor traffic, Active Directory, etc?

zrheinecker8495
New Member

I will be competing in a CCDC event and was wondering if I will be able to use Splunk on a VM in a NetLab environment to monitor attacks, traffic, Active Directory, etc by the Red Team of attackers. Any help is greatly appreciated. This is my first time using this program so I am very green. Thanks again

Tags (3)
0 Karma

zrheinecker8495
New Member

I believe this is something that will work for what I am needing. IF you have any experience with this, please let me know. I am trying to learn as much as possible and welcome any/all input and feedback. Thanks

http://docs.splunk.com/Documentation/MSApp/1.1.0/MSInfra/Releasenotes

0 Karma

trsavela
Path Finder

This is not a bad app at all. I was a co-presenter at Splunk LIve this year and that was one of the apps we demoed. I use the vmWare and netApp apps daily.

apps.splunk.com is a great place to look for more.

0 Karma

trsavela
Path Finder

There is a good doc to get you going on sizing, link below.

http://docs.splunk.com/Documentation/Splunk/6.2.1/Capacity/Referencehardware

0 Karma

zrheinecker8495
New Member

Thank you for the link. I don't believe sizing will be an issue for me. I'm starting to look into Apps and Add-ons to meet my needs. Thank you again!

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...