Skip to content
/ python-splunk-sdk_example Public

simple python script using python-splunk-sdk for automating query and searches

License

GPL-3.0 license
1 star 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tccontre/python-splunk-sdk_example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
2.JPG
2.JPG
 
 
3.JPG
3.JPG
 
 
4.JPG
4.JPG
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
last_login.py
last_login.py
 
 

Repository files navigation

python-splunk-sdk_example

simple python script using python-splunk-sdk for automating query and searches

Installation:

  1. set-up atleast 2 VM machine connected to each other (for this test 1 win7-client and (win10 - splunk monitoring instance))
  2. install python 2.7
  3. install python-splunk-sdk and put it to the PYTHONPATH of the machine.
  4. set-up universal forwarder
  5. enable monitoring for security event logs especially in log-in success and failure setting in gpedit.msc
  6. then do some failure login and check if splunk instance catch it,
  7. then test this script

figure 1 - example of splunk search query after of some test

figure 2 - example of remote execution of script. just change the host parameter in the code of the ipaddress of the splunk instance machine

figure 3 - script execution to the local machine where the splunk instance is installed

About

simple python script using python-splunk-sdk for automating query and searches

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages