
JacYuan1/Analyze-Logs-Through-Splunk-Project


Analyze Logs Through Splunk

Introduction

This project creates logs through a custom database-backed web application and then forwards those logs to Splunk for further analysis. The final report is linked in the References section.

Tools Used

The tools used here are the following:

  1. Splunk
  2. Splunk Universal Forwarder
  3. Oracle VM VirtualBox
  4. Windows 10 ISO
  5. Flask
  6. SQLAlchemy
  7. Python

Approach to Problem

  1. Created a web application that accepts user input and stores it in the backend DB.
  2. Recorded the HTTP server and DB logs the application creates by using Flask.
  3. Forwarded the logs to Splunk by using the Splunk Universal Forwarder.
  4. Ran a search in Splunk to show the application (web and DB) data forwarded from the host PC.
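
The logging step above, sketched as an added example (not code from this repository): a formatter that writes each web or DB event as a single line of key="value" pairs, a shape Splunk's default search-time extraction turns into fields, with user input escaped so one submission stays one event. It uses only the standard library, since Flask's `app.logger` is an ordinary `logging.Logger`; the logger names, the `fields` convention and the sample values are assumptions.

```python
import io
import logging


class KeyValueFormatter(logging.Formatter):
    """Render each record as one line of key="value" pairs."""

    @staticmethod
    def _quote(value):
        # Escape backslashes, quotes and line breaks so user-supplied text
        # cannot split one event into several or add fields of its own.
        text = str(value)
        for raw, esc in (("\\", "\\\\"), ('"', '\\"'), ("\r", "\\r"), ("\n", "\\n")):
            text = text.replace(raw, esc)
        return f'"{text}"'

    def format(self, record):
        pairs = {
            "time": self.formatTime(record, "%Y-%m-%dT%H:%M:%S"),
            "level": record.levelname,
            "logger": record.name,
            "msg": record.getMessage(),
        }
        # Assumed convention: callers pass extra={"fields": {...}}.
        pairs.update(getattr(record, "fields", {}))
        return " ".join(f"{k}={self._quote(v)}" for k, v in pairs.items())


def attach_handler(logger, stream):
    """Send a logger's records to `stream` in key=value form. A Flask app
    would pass app.logger and use a FileHandler on the forwarded file."""
    handler = logging.StreamHandler(stream)
    handler.setFormatter(KeyValueFormatter())
    logger.handlers.clear()
    logger.addHandler(handler)
    logger.setLevel(logging.INFO)
    logger.propagate = False
    return logger


def demo():
    """Log one web event and one DB event using constructed sample input."""
    stream = io.StringIO()
    web = attach_handler(logging.getLogger("demo.web"), stream)
    db = attach_handler(logging.getLogger("demo.db"), stream)
    comment = 'first line\nsecond "quoted" line'  # constructed form value
    web.info("form submitted", extra={"fields": {"path": "/submit", "comment": comment}})
    db.info("row inserted", extra={"fields": {"table": "entries", "rows": 1}})
    return stream.getvalue().splitlines()
```

Calling `demo()` returns the two event lines exactly as they would be written to the monitored log file.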

Learning Outcomes

  1. Learned how to connect Flask to a database with Flask-SQLAlchemy.
  2. Learned how to create a simple web application using HyperText Markup Language (HTML).
  3. Learned how to log applications using Flask.
  4. Learned how to configure, format and test a Flask logger.
  5. Learned how to search Splunk using source, host and sourcetype.

References

Written report linked here
