Security

Is it possible for Splunk to read from a firewall using just the command line interface?

mahmudomer
Engager

Using Ubuntu, Is it possible for Splunk to read from a firewall that's setup and output results in real time or in a log without using any splunk apps and just using command line?
If it is possible any direction on how I could go about it?

Thanks.

0 Karma

vasanthmss
Motivator

Hi Mahmudomer,

You can monitor any local / Remote directory from command line by running command with required parameter.
Local,

 ./splunk add monitor <log path>

In-Case the files are in remote then you can use TCP/UDP. Read Splunk documentation Link

Mount filesystem / soft link may help you .

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.