This post is geared towards anyone looking to clarify how to connect to Splunk. This software is incredibly vast and there is a lot to learn in terms of how to utilize it well. The very start of that process is learning how to configure everything. The process is a bit different from a general terminal connection via SSH, so I thought it would be a good idea to make a guide of some sort.
If you are unfamiliar with Splunk, it is a tool that indexes log data so you can search for particular files within a system. One use case for it in industry is analyzing that data to create dashboards, reports, and alerts. It aids organizations with their metrics by surfacing common patterns and potential problems, and it is capable of handling “big data.”
Configuration Process
# RDP is required as opposed to SSH
Step #0: Download Microsoft Remote Desktop from the App Store.
Step #1: Sign into your virtual machine and download the RDP file.
Step #2: Open the file.
Step #3: Remote Desktop should automatically launch when you open the file. Enter your credentials on this screen.
Step #4: Open the browser at the bottom. It is the world icon if you need clarification.
Step #6: Type the address of the preconfigured Splunk instance into the address bar at the top of the browser. The formatting should look something like the following:
http://100.0.0.0:8000
Step #7: Enter your credentials on the screen that should appear once the http address has been entered successfully.
Step #8: Success! You should now be met with the welcoming instructional page.
💡 In the upcoming posts, I will be going over some things you can do with this tool.