I want to create a setup where Splunk monitors browsing from the Firefox browser on an Ubuntu machine.
If a user browses a blacklisted website, a real-time alert is created and the admin is notified.
Breaking the problem into 2 separate issues:
1) How do I get Splunk to monitor the Firefox browser on Ubuntu?
2) How do I create an alarm that goes to the admin (email, app, etc.)?
Thank you!
1) How do I get Splunk to monitor the Firefox browser on Ubuntu?
A simple browsing log (not sure how to get this), or web logs from IIS, or firewall logs for your team/group/company would be perfect for this browsing history.
2) How do I create an alarm that goes to the admin (email, app, etc.)?
Once you have ingested the logs into Splunk, searching and creating alerts (alarm) email notifications is an easy task.
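One way to produce the "simple browsing log" for part 1, as an added example that is not part of the original thread: Firefox keeps visits in the `moz_places` and `moz_historyvisits` tables of `places.sqlite` in the user's profile directory, and a small exporter can turn new rows into key=value lines that Splunk can index. It assumes the script reads a copy of `places.sqlite` (Firefox may hold a lock on the live file); the function names, field names and sample domains are illustrative, and the in-memory database is constructed sample data.

```python
import sqlite3
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Firefox history tables; visit_date is microseconds since the Unix epoch.
HISTORY_SQL = """
SELECT v.id, v.visit_date, p.url
FROM moz_historyvisits AS v JOIN moz_places AS p ON p.id = v.place_id
WHERE v.id > ? ORDER BY v.id
"""

def is_blacklisted(host, blacklist):
    """True if host equals a blacklisted domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in blacklist)

def export_visits(conn, blacklist, last_id=0):
    """Return (log_lines, new_checkpoint) for visits with id > last_id."""
    lines = []
    for visit_id, visit_us, url in conn.execute(HISTORY_SQL, (last_id,)):
        ts = datetime.fromtimestamp(visit_us / 1_000_000, tz=timezone.utc)
        host = urlsplit(url).hostname or ""
        lines.append('{} visit_id={} host="{}" url="{}" blacklisted={}'.format(
            ts.strftime("%Y-%m-%dT%H:%M:%SZ"), visit_id, host,
            url.replace('"', "%22"), str(is_blacklisted(host, blacklist)).lower()))
        last_id = visit_id  # checkpoint so the next run only emits new visits
    return lines, last_id

def build_sample_db():
    """Constructed stand-in for a copy of places.sqlite (only the columns used here)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE moz_places (id INTEGER PRIMARY KEY, url TEXT);
        CREATE TABLE moz_historyvisits (id INTEGER PRIMARY KEY, place_id INTEGER, visit_date INTEGER);
        INSERT INTO moz_places VALUES (1, 'https://docs.example.org/start'),
                                      (2, 'http://ads.blocked.example/landing?x=1'),
                                      (3, 'https://notblocked.example/');
        INSERT INTO moz_historyvisits VALUES (1, 1, 1700000000000000),
                                             (2, 2, 1700000060000000),
                                             (3, 3, 1700000120000000);
    """)
    return conn

if __name__ == "__main__":
    lines, checkpoint = export_visits(build_sample_db(), {"blocked.example"})
    print("\n".join(lines))  # in real use, append to a file that a Splunk monitor input reads
```

For part 2, a saved search for `blacklisted=true` over the indexed file, scheduled or real-time with an email alert action, notifies the admin. The suffix match is dot-anchored on purpose, so `notblocked.example` does not trigger on a `blocked.example` entry.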