In this blog post, the Splunk update process of a Splunk Enterprise single instance is described. First of all, a backup of the Splunk configuration is performed: Download newest version of Splunk Enterprise on the Splunk homepage. I used the wget command to download the newest Splunk Enterprise rpm file: Subsequently, stop Splunk Enterprise as […]
In this blog post, I will explain how to install MISP on Ubuntu 18.04. MISP is an Open Source Threat Intelligence Platform for gathering, sharing, storing and correlating Indicators of Compromise of targeted attacks, threat intelligence, financial fraud information, vulnerability information or even counter-terrorism information. There exists three possibilities for installing MISP: Manual as described […]
In this blog post, I will explain how to integrate your Nessus vulnerability scan data into Splunk. We will use a single Splunk instance, as described in this blog post. Installation of Nessus can be found here. Configuring your first vulnerability scan is described in this blog post. Splunk is a poweful tool to visualize […]
In this blog post, I will explain how to perform a basic scan of your Home Lab using Nessus vulnerability scanner. If you didn’t setup your Nessus Scanner yet, have a look into this blog post. We initiate a new scan by clicking on New Scan: In this blog post, we choose Basic Network Scan: […]
In this blog post, I will explain how to monitor a Linux Server with Splunk. We will cover different logging/monitoring options for Linux Server using Splunk Enterprise. This tutorial assumes that you have already installed Splunk as described in this blog post. We will monitor the logs of the Linux Server running Splunk. In the […]
In this blog post, I will describe how to monitor your pfSense Logs with Splunk. pfSense is an popular open-source firewall. pfSense is using Syslog over udp to send logs to a remote syslog server. First of all, we need to add a new firewall rule in order to be able to collect the pfSense […]
In this blog post, I will explain how to install Splunk on Linux. Splunk is a big data solution with the goal of analyzing high volumes of machine-generated data. Splunk is used in many Security Operations Center (SOC) as a central log management tool. With a little bit tuning or by using Splunk Enterprise Security, […]
In this blog post, I will explain how to install Nessus on CentOS 7. Nessus is one of the most popular vulnerability scanner in the market. Nessus provides Nessus Home allowing you to scan your personal network with up to 16 IP adresses per scanner. This is perfect for your home lab. In order to […]
Welcome to my new IT Security Blog. My name is Patrick Bareiss and I want to cover different topics in the field of IT Security.