
Lab 10 Report

The lab report summarizes implementing modules 7-10 of Splunk Fundamentals 1. Module 7 covers creating reports and dashboards to visualize web application data like forbidden page access and products sold. Module 8 uses pivot commands to build reports on customer location and shopping cart contents. Module 9 adds a data model and dashboard panel. Module 10 creates an alert to notify about failed admin login attempts exceeding a threshold.

Uploaded by

Misbah Arshad

Information Security Governance Lab

(Lab Report - 10)

Submitted to: Dr. Manoj Kumar

Submitted by: Shahid Afridi

SAP id: 500068189
Roll : R134218148
CSF – B3
LAB REPORT 10

● Objective

Implement the first six modules (7-10) of Splunk Fundamentals 1.

● Theory:

Splunk software captures, indexes and correlates real-time data in a
searchable repository from which it can generate graphs, reports, alerts,
dashboards and visualizations.
Splunk makes machine data accessible across an organization by
identifying data patterns, providing metrics, diagnosing problems and
providing intelligence for business operations. Splunk is a horizontal
technology used for application management, security and compliance,
as well as business and web analytics.

● Procedure:

Module VII: CREATING REPORTS AND DASHBOARDS


Scenario 13: The security team would like a report of IPs that seem to be up to no
good.
1. Use the stats count function to get a report of users trying to access
forbidden pages in the Buttercup Games web application.

2. Use stats functions to create visualizations of products sold, and add them
to a dashboard.

Module VIII: USING PIVOT


Scenario 14: The CFO loved the simple dashboard you created, but would like to add
a report of where our customers are coming from. She would like to know what items
users added to the shopping cart, and where those users originated from.
1. Use a non-transforming command with instant Pivot.
2. Build a report using the Pivot interface.
3. Add a panel to a dashboard from a pivot, and create a Data Model.
Scenario 15: The web application data does not contain name and price information
for the products being sold. Users of your reports would like to see product names
used in your reports, not just product Ids.
1. Download and examine the lookup file: http://splk.it/productdata
2. Add a lookup file and create a lookup definition.
3. Use the lookup in a search.

Module X: CREATING ALERTS


Scenario 16: For security reasons, you need to monitor failed login attempts on your
Splunk search head. You are only interested in failed logins from the admin account.
You want to be notified when there is more than one failed login attempt within one
minute.
1. Change user account and run a sample search.
2. Create an alert.
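
The alert condition in Scenario 16 (more than one failed admin login within one minute) can be checked outside Splunk as follows. This is an added example, not part of the lab report or of Splunk: the log lines are constructed, and the `user`, `action` and `info` field names are assumptions. It goes slightly beyond the lab step by comparing a rolling one-minute window with per-calendar-minute counting, which misses failures that straddle a minute boundary.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Constructed sample events (not from the lab): key=value audit-style lines.
SAMPLE_EVENTS = """\
2024-05-01T10:00:05 user=admin action="login attempt" info=succeeded
2024-05-01T10:00:50 user=admin action="login attempt" info=failed
2024-05-01T10:01:20 user=admin action="login attempt" info=failed
2024-05-01T10:01:40 user=jsmith action="login attempt" info=failed
2024-05-01T10:05:00 user=admin action="login attempt" info=failed
2024-05-01T10:09:10 user=admin action="login attempt" info=failed
2024-05-01T10:09:30 user=admin action="login attempt" info=failed
""".splitlines()

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse(line):
    """Split one line into (timestamp, {field: value})."""
    ts, _, rest = line.partition(" ")
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(rest)}
    return datetime.fromisoformat(ts), fields

def failed_logins(lines, user="admin"):
    """Sorted timestamps of failed login attempts for one account."""
    want = {"user": user, "action": "login attempt", "info": "failed"}
    events = (parse(line) for line in lines)
    return sorted(ts for ts, f in events if want.items() <= f.items())

def sliding_alerts(times, window=timedelta(minutes=1), threshold=1):
    """Fire when more than `threshold` failures fall in a rolling window."""
    recent, fired = deque(), []
    for ts in times:
        recent.append(ts)
        while ts - recent[0] >= window:  # drop failures older than the window
            recent.popleft()
        if len(recent) > threshold:
            fired.append(ts)
    return fired

def bucket_alerts(times, threshold=1):
    """Fire per calendar minute that holds more than `threshold` failures."""
    counts = {}
    for ts in times:
        key = ts.replace(second=0, microsecond=0)
        counts[key] = counts.get(key, 0) + 1
    return [k for k, n in sorted(counts.items()) if n > threshold]
```

On the sample data the rolling window fires for the 10:00:50 / 10:01:20 pair, while per-minute counting only fires for the 10:09 bucket.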
