
Analyze Logs Through Splunk

Table of Contents

  1. Introduction
  2. Tools Used
  3. Approach to Problem
  4. Learning Outcomes
  5. References

Introduction

This project builds a small web application with a custom backend database, has the application write HTTP server and database logs, and forwards those logs to Splunk for analysis. The final report is linked in the References section.

Tools Used

The tools used here are the following:

  1. Splunk
  2. Splunk Universal Forwarder
  3. Oracle VM VirtualBox
  4. Windows 10 ISO
  5. Flask
  6. SQLAlchemy
  7. Python

Approach to Problem

  1. Created a web application that accepts user input and stores it in the backend DB.
  2. Recorded the HTTP server and DB logs the application generates, using Flask's logger.
  3. Forwarded those logs to Splunk with the Splunk Universal Forwarder.
  4. Ran a search in Splunk to show the application (web and DB) data forwarded from the host PC.
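Steps 2 and 3 hinge on how the application formats its log lines: if each line carries `key="value"` pairs, Splunk extracts those fields at search time without extra configuration, and the Universal Forwarder only has to monitor the file. The block below is an added example written for this page, not code from the project or the linked report. It uses only the standard library: Flask's `app.logger` is a standard `logging.Logger`, so the same handler and formatter setup applies to a real Flask app, but here the request and DB events are simulated so it runs without Flask, SQLAlchemy or Splunk. The logger name `flask_app`, the field names, the file path and the hostile sample input are all assumptions made for the example, and `parse_line` is a minimal emulation of key=value extraction, not Splunk's own code. It also shows the check a practitioner wants at this step: user input that ends up in the DB is also logged, so it is quoted and escaped to stop a crafted value from forging fields or whole log lines.

```python
"""Splunk-friendly structured logging for a Flask-style app (added example, stdlib only).

Flask's ``app.logger`` is a standard ``logging.Logger``, so configure_logger()
applies unchanged to a real application; the events below are simulated.
"""
import logging
import os
import re
import tempfile
import time

# Splunk extracts key=value pairs from raw events at search time, so this format
# lets you search e.g. `sourcetype=flask_app status=500` with no props.conf work.
LOG_FORMAT = "%(asctime)s level=%(levelname)s logger=%(name)s %(message)s"
_UNESCAPE = {"n": "\n", "r": "\r"}
FIELD_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def configure_logger(name, path):
    """Attach a file handler with UTC timestamps; the UF then monitors `path`."""
    logger = logging.getLogger(name)
    logger.setLevel(logging.INFO)
    logger.propagate = False
    for old in list(logger.handlers):      # make repeated calls idempotent
        logger.removeHandler(old)
        old.close()
    handler = logging.FileHandler(path, encoding="utf-8")
    formatter = logging.Formatter(LOG_FORMAT)
    formatter.converter = time.gmtime     # UTC, so Splunk's timezone handling is predictable
    handler.setFormatter(formatter)
    logger.addHandler(handler)
    return logger


def quote(value):
    """Quote and escape a field value so attacker-controlled input (quotes,
    newlines, '=' signs) cannot forge extra fields or whole log lines."""
    text = str(value)
    text = text.replace("\\", "\\\\").replace('"', '\\"')
    text = text.replace("\n", "\\n").replace("\r", "\\r")
    return '"' + text + '"'


def kv(**fields):
    """Render fields as key="value" pairs in a stable order."""
    return " ".join(f"{key}={quote(val)}" for key, val in fields.items())


def log_http_request(logger, method, path, status, remote_addr, user_agent):
    """Web-tier event, with the fields a Flask after_request hook would supply."""
    logger.info("event=http_request %s", kv(method=method, path=path, status=status,
                                           remote_addr=remote_addr, user_agent=user_agent))


def log_db_insert(logger, table, row_id, value):
    """DB-tier event: the user-supplied value is logged, so it must be escaped."""
    logger.info("event=db_insert %s", kv(table=table, row_id=row_id, value=value))


def parse_line(line):
    """Minimal key=value field extraction (emulates, does not reuse, Splunk's)."""
    fields = {}
    for key, raw in FIELD_RE.findall(line):
        if raw.startswith('"'):
            raw = re.sub(r"\\(.)", lambda m: _UNESCAPE.get(m.group(1), m.group(1)), raw[1:-1])
        fields[key] = raw
    return fields


# Constructed sample: a hostile form value that tries to inject a fake log line.
HOSTILE_INPUT = 'alice" level=ERROR\nINFO event=db_insert table="admins'


def demo(log_path=None):
    """Write two events to a log file and return them parsed back into fields."""
    if log_path is None:
        log_path = os.path.join(tempfile.mkdtemp(), "flask_app.log")
    logger = configure_logger("flask_app", log_path)
    log_http_request(logger, "POST", "/submit", 201, "10.0.0.5", "Mozilla/5.0")
    log_db_insert(logger, "entries", 1, HOSTILE_INPUT)
    for handler in logger.handlers:
        handler.flush()
    with open(log_path, encoding="utf-8") as fh:
        lines = [ln.rstrip("\n") for ln in fh if ln.strip()]
    return [parse_line(ln) for ln in lines]   # exactly two events, injection contained


if __name__ == "__main__":
    for event in demo():
        print(event)
```

With the file written this way, the Universal Forwarder needs only a `[monitor://<path to flask_app.log>]` stanza in `inputs.conf` with `sourcetype` (and optionally `index`) set, and the step-4 search becomes `host=<your host> sourcetype=<that sourcetype> event=db_insert`, with `status`, `table` and the other keys available as fields. Without the quoting, the hostile value would have produced a third line that a search for `level=ERROR` or `table=admins` would happily match.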

Learning Outcomes

  1. Learned how to connect Flask to a database with Flask-SQLAlchemy.
  2. Learned how to create a simple web application using HyperText Markup Language (HTML).
  3. Learned how to log application events from Flask.
  4. Learned how to configure, format and test a Flask logger.
  5. Learned how to search Splunk by source, host and sourcetype.

References

Written report linked here