how to setup security event logging linux

pontifor
New Member

Hi this is a setup question for compliance monitoring.

I have a Linux box, so I index everything under /var/log. I need to build reports that

  • report each account login/logout
  • success or failure of login
  • activities performed
  • software installed/uninstalled

Any hints on how to proceed? I think this is basic compliance reporting, maybe there are some examples somewhere?

thanks!
Stefan


MarioM
Motivator

The Splunk for *nix app has most of what you are looking for.
