Forums: SplunkGeneral: Solaris Syslog, Auditing, and Splunk


Hello Solaris Splunkers,

I've written up a sort of 4-piece overview of making Splunk really useful in a Solaris environment. By no means is it limited just to Solaris, but that's where I'm focusing. It comes in 4 parts:

Splunk Overview:
http://www.cuddletech.com/blog/pivot/entry.php?id=637

Centralizing Syslog on Solaris:
http://cuddletech.com/blog/pivot/entry.php?id=642

Solaris Auditing (BSM):
http://cuddletech.com/blog/pivot/entry.php?id=647

Putting it all together, end-to-end:
http://cuddletech.com/blog/pivot/entry.php?id=650

I wrote these up to try to give some perspective on how you can provide much greater flexibility to monitoring in your environment with very little effort. Centralizing syslog and enabling auditing on all your systems suddenly makes a lot more sense now that we have Splunk to make all that data so much more useful.

Hope it helps.

benr.