IT Security Blog

Click the button below to start exploring my website
Start exploring

Update Splunk Enterprise Single Instance

In this blog post, the Splunk update process of a Splunk Enterprise single instance is described. First of all, a backup of the Splunk configuration is performed: Download newest version of Splunk Enterprise on the Splunk homepage. I used the wget command to download the newest Splunk Enterprise rpm file: Subsequently, stop Splunk Enterprise as […]

Install MISP on Ubuntu 18.04

In this blog post, I will explain how to install MISP on Ubuntu 18.04. MISP is an Open Source Threat Intelligence Platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. There exists three possibilities for installing MISP: Manual as described […]

Monitoring Linux Server with Splunk

In this blog post, I will explain how to monitor a Linux Server with Splunk. We will cover different logging/monitoring options for Linux Server using Splunk Enterprise. This tutorial assumes that you have already installed Splunk as described in this blog post. We will monitor the logs of the Linux Server running Splunk. In the […]

Install Splunk Enterprise on Linux

In this blog post, I will explain how to install Splunk on Linux. Splunk is a big data solution with the goal of analyzing high volumes of machine-generated data. Splunk is used in many Security Operations Center (SOC) as a central log management tool. With a little bit tuning or by using Splunk Enterprise Security, […]