Splunk下载指南

SecCMD2024/1/1小于 1 分钟基础工具日志管理

Splunk

Splunk Download

wget -O splunk-9.3.1-0b8d769cb912-x64-release.msi "https://download.splunk.com/products/splunk/releases/9.3.1/windows/splunk-9.3.1-0b8d769cb912-x64-release.msi"

todo

Hunting evil with

Sysmon, AutoRuns, and other free tools
https://cybersecthreat.com/zh/2020/07/08/import-windows-event-log-to-splunk/
学习接入更多种类日志， AD 日志、Linux日志
学习转发组件