cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
huangc
New Member
Member since: ‎02-05-2020
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎02-05-2020
View All

How do I use Splunk for NERC baseline compliance?

by in All Apps and Add-ons
‎02-06-2020 09:10 AM
‎02-06-2020 09:10 AM
Hi! I am trying to leverage splunk for NERC Compliance, but more than just logging. I want to get baseline configuration which captures OS, Patches, Software, and Port and Services. My idea was to have the system generate the information and write it to a file and have the splunk universal forwarder monitor the file daily. There would be a cronjob that would run daily to execute the commands like: 1) netstat -ano 2) uname -r 3) rpm -qa This would then get ingested into Splunk. How has the community been using Splunk for NERC Baseline compliance? Are there any add-ons that could help? It would need to be able to track changes to the baseline of allowable port and services, change records of the change, and run reports on a baseline of a particular day. This last part I was thinking of using a dash board or creating a table. Thoughts or suggestion? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM