sudo apt-get install python-software-properties
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer
tar -xvzf mysql-connector-java-5.1.39.tar.gz
cp mysql-connector-java-5.1.39/mysql-connector-java-5.1.39-bin.jar /opt/splunk/etc/apps/splunk_app_db_connect/bin/lib/
sudo update-alternatives --config java
This is a custom version of “DNS Top RPZ Hits” report with added Discovered Name/Network View fields and removed Time field.
This simple search shows IPAM network usage statistic.
index=ib_ipam sourcetype="ib:ipam:network" cidr<25
| streamstats dc(_time) as distinct_times | head (distinct_times == 1)
| table NETWORK address_total address_alloc address_unalloc
This is a custom version of this dashboard. I’ve added networks filter. The query for the filter is not an optimal in terms of performance but anyway will work good for small IPAM databases.
This report is a custom version of “Inactive IP Addresses” report and provide information about MAC addresses that were not connected to a network for a while.
This search shows Splunk’s version.
| rest /services/server/info | table splunk_server version
Recently Infoblox released a new version of our reporting solution, which we renamed “Infoblox Reporting and Analytics”. The solution is based on the Splunk engine and delivers an enhanced reporting interface so now you can create custom dashboards, reports, and alerts. This gives you unlimited possibilities to analyze data and mine invaluable knowledge about your …
Continue reading ‘Infoblox Reporting and Analytics for Security’ »