Security

how to setup security event logging linux

pontifor
New Member

Hi this is a setup question for compliance monitoring.

I have a linux box, so I index everything under /var/log. I need to build reports that

  • report each account login/logout
  • success or failure of login
  • activities performed
  • software installed/uninstalled

Any hints on how to processed? I think this is basic compliance reporting, maybe there are some examples somwhere?

thanks!
Stefan

Tags (2)
0 Karma
1 Solution

MarioM
Motivator

the Splunk for *nix app has most of what you looking for

View solution in original post

0 Karma

MarioM
Motivator

the Splunk for *nix app has most of what you looking for

0 Karma
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to ...

Logs to Metrics

Logs and Metrics Logs are generally unstructured text or structured events emitted by applications and written ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...