I have installed Ubuntu and Kali on VirtualBox. I have installed the DVWA application on Ubuntu, and now I have to install the Splunk forwarder on Ubuntu and capture the DVWA application logs. When I attack the DVWA application from the Kali VM, alerts and logs have to be generated and sent to the Windows 10 host where I installed Splunk, that is, sent directly to Splunk on Windows 10. I wanted to know how to install the Splunk forwarder, how to configure the input config file and output config file, and how to add the monitor command. I have tried installing the Splunk forwarder but am facing difficulty.
@shadowit, this may be a big task (for a newbie). You will need to go through it step by step. (It will be an easy task for a Splunk admin, actually.)
As you are comfortable with Linux, it's not a big or difficult task. Please check the Ubuntu Universal Forwarder installation, as listed above. As you progress, if you are stuck, please let us know. Thanks.
Add-on app: "Install the *nix app on the Ubuntu VM". Check out the following link: Splunk Add-on for Unix and Linux. This app will help monitor some applicable logs that will be useful for monitoring your activities with the Kali VM attacking the DVWA.
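A minimal Universal Forwarder configuration for the setup described in this thread, added here as an example and not posted by any participant. It assumes DVWA is served by Apache with Ubuntu's default log paths, the forwarder is installed in /opt/splunkforwarder, and receiving is enabled on port 9997 on the Windows 10 Splunk instance; the address 192.0.2.10 and the group name win10_splunk are placeholders.

```ini
# ---------------------------------------------------------------
# File: /opt/splunkforwarder/etc/system/local/inputs.conf
# Tells the forwarder which files on the Ubuntu VM to watch.
# Assumption: DVWA runs under Apache with default Ubuntu log paths.
# ---------------------------------------------------------------

# Every HTTP request sent to DVWA (including requests from the Kali VM)
[monitor:///var/log/apache2/access.log]
sourcetype = access_combined
index = main
disabled = false

# PHP and Apache errors triggered by malformed or hostile requests
[monitor:///var/log/apache2/error.log]
sourcetype = apache_error
index = main
disabled = false

# ---------------------------------------------------------------
# File: /opt/splunkforwarder/etc/system/local/outputs.conf
# Tells the forwarder where to send the events it collects.
# 192.0.2.10 is a placeholder: replace it with the address of the
# Windows 10 host as reachable from the Ubuntu VM.
# ---------------------------------------------------------------

[tcpout]
defaultGroup = win10_splunk

[tcpout:win10_splunk]
server = 192.0.2.10:9997
```

Restart the forwarder after editing these files so the new stanzas are read. The Windows firewall on the host must allow inbound TCP 9997 from the VM network, otherwise no events arrive.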