Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ajackal/splunk

Splunk scripts and config files.
https://github.com/ajackal/splunk

powershell powershell-script splunk

Last synced: 3 months ago
JSON representation

Splunk scripts and config files.

Host: GitHub
URL: https://github.com/ajackal/splunk
Owner: ajackal
License: gpl-3.0
Created: 2017-02-03T14:10:25.000Z (almost 8 years ago)
Default Branch: master
Last Pushed: 2017-10-06T14:58:31.000Z (over 7 years ago)
Last Synced: 2023-10-20T07:15:01.125Z (over 1 year ago)
Topics: powershell, powershell-script, splunk
Language: PowerShell
Homepage:
Size: 21.5 KB
Stars: 5
Watchers: 2
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Splunk>

## Splunk HTTP Event Collector
`Splunk_HTTP_Collector.ps1`

A PowerShell script that uses a REST API to POST data to a Splunk server with the HTTP Event Collector service enabled. Formatting the JSON properly is critical for Splunk to accept the POST and parse the JSON properly.

## Splunk Install Script
`splunk-script.ps1`

A PowerShell script to download a Splunk Universal Forwarder from a remote server, install, configure and then remove the installation pacakge from the system. _TODO:_ add error handling and messaging to a Splunk HTTP Event Collector.

## Splunk Inputs Configuration
`inputs.conf`

The Splunk `inputs.conf` file modified to collect PowerShell/Operational and Sysmon/Operational logs. Needs to be modified from the `$SPLUNK_HOME/etc/system/local` directory.