Getting Data In
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to setup splunk on home wireless network?

splunkdavidh
Explorer
‎03-14-2020 10:47 PM

I want to learn splunk.
How can I setup splunk on my home WiFi network to learn and practice?

I have Verizon router.
1-Laptop Windows 10
1-Laptop dual boot-Win 10/Kali Linux
2-Desktop PCs with Windows 10

Thanks in advance!

0 Karma
Reply

to4kawa
Ultra Champion
‎03-16-2020 04:24 AM

http://amiracle19.blogspot.com/p/setting-up-verizon-fios-router-for-home.html

I don't know this post is related what you want.

0 Karma
Reply

niketn
Legend
‎03-16-2020 02:03 AM

@splunkdavidh learn about Splunk Stream App which allows you to monitor several protocols in streaming manner (caution monitor those which are needed and control frequency/duration for home test monitor as it will consume bandwidth as well as license for indexing).

Once you are familiar with Splunk Stream (Documentation is also available on Splunkbase), you can also check out Home Monitor app on Splunkbase (PS: I have not tested and not sure whether it is compatible with your network devices or not but do read the details before installing)

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply

afx
Contributor
‎03-15-2020 08:44 AM

Set up Splunk on one of the desktops.
Make sure there are Windows Security Events activated on the box.
Use them as an input.

Install Sysmon for file and other monitoring topics and include them as well.
See whether the router can Syslog data to the Splunk machine.

By now your are probably already getting more data per day than the free license allows.
If not, install universal forwarders on the other boxes and grab their logs as well.
Install a web server on one of the boxes and integrate the logs of the web server.
Of course, for playing, you might include the logs of various sources at different times so that your daily license is not blown.
Once you have the data in you can play with it.
Check out the relevant apps from splunkbase.
Look for old .conf talks on relevant topics.

That should keep you busy for a while 😉

cheers
afx

0 Karma
Reply

splunkdavidh
Explorer
‎03-15-2020 01:11 PM

Thank you!
So basically I don't have to have any specific equipment to learn/practice splunk on my home WiFi network and I don't have to connect my computers to router via Ethernet to router, correct?

0 Karma
Reply

afx
Contributor
‎03-16-2020 01:28 AM

Yes, WiFi is good enough.
and as you do have aKali Maschine, you can hammer your other systems with lots if interesting stuff to create lots of events that you can play with.

I somtimes test things at home and I use Splunk Linux VM on my Windows Laptop to do this. All tha magic happens in that VM.

cheers
afx

0 Karma
Reply

to4kawa
Ultra Champion
‎03-15-2020 01:19 AM

Can your network equipments send logs?

0 Karma
Reply

splunkdavidh
Explorer
‎03-15-2020 01:14 PM

I am not really sure, but I guess I should be able to find out by looking at the specs of my router or logging into router interface.

0 Karma
Reply
Get Updates on the Splunk Community!

Uncovering Multi-Account Fraud with Splunk Banking Analytics

Last month, I met with a Senior Fraud Analyst at a nationally recognized bank to discuss their recent success ...

Secure Your Future: A Deep Dive into the Compliance and Security Enhancements for the ...

What has been announced?  In the blog, “Preparing your Splunk Environment for OpensSSL3,”we announced the ...

New This Month in Splunk Observability Cloud - Synthetic Monitoring updates, UI ...

This month, we’re delivering several platform, infrastructure, application and digital experience monitoring ...
Top