2022-11-11
NB: This post is part of the series on building a home lab.
Head over to the Ubuntu Desktop.
Open the terminal and navigate to the Splunk folder [mine is in the Downloads folder].
If the Splunk Universal Forwarder is configured correctly, it should appear right here.
Next, you have many options to choose from, depending on what you want to do. In this lab, I will choose "Local Event Logs".
Start searching to see the activity happening on the Windows Server.
That's all for now. The logs are now being sent to Splunk and will be analyzed later.