Security

Is it possible for Splunk to read from a firewall using just the command line interface?

mahmudomer
Engager

Using Ubuntu, Is it possible for Splunk to read from a firewall that's setup and output results in real time or in a log without using any splunk apps and just using command line?
If it is possible any direction on how I could go about it?

Thanks.

0 Karma

vasanthmss
Motivator

Hi Mahmudomer,

You can monitor any local / Remote directory from command line by running command with required parameter.
Local,

 ./splunk add monitor <log path>

In-Case the files are in remote then you can use TCP/UDP. Read Splunk documentation Link

Mount filesystem / soft link may help you .

V
0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...