Custom-made, luxury planet building.

#splunk

Splunk Log Analysis on SSH attacks

Over the holidays, the Linode infrastructure was attacked. I was testing Splunk at the time. I'd opened SSH in the firewall to capture logs into Splunk. My Linode VPS was under constant attack during this period. Let's analyze the logs of the attack with Splunk!

List of SSH attack usernames

A list of all usernames used during a brute-force attack on this server over the holidays. Data was easily generated using Splunk Lite.

Install Splunk Lite on CentOS 7

I decided to play with Splunk on the VPS. Splunk is a huge and powerful tool, but my needs are simple. I want to dump all my log files for all my servers somewhere. I want the logs easily browsed and searched. Kudos for automated alerts to key events. Splunk …