Splunk really is a powerful piece of software. If you’ve worked with it for a while, you will have figured out that a lot of the power comes from search commands, manipulating raw events to be displayed in graphs or tables, or transforming data to display exactly the way you want it using the useful eval command.
But the commands also have their limitations.
We had a need in our environment for Splunk to be able to do lookups against some open source threat feeds. Basically, we take a data source like firewall logs and then see if any of the computers in the environment has tried to talk to a known ‘bad’ IP or URL on these threat feeds.
First off, let’s start with the feeds.
I was tasked with moving some data from one internet-connected network to another network that does not have internet access.
This was to be done via Sneakernet, possibly just using scripts stored on the USB flash drive.
At first, it was quite an involved process. The more I used the process, though, the more I kept thinking about simplifying it. What if I could just plug the flash drive into a computer and the transfer happens automatically?
This might seem a bit out of order because I blogged about using Django models a few weeks ago, but a friend pointed out to me that some people might actually like to learn how to connect Django to a database in the first place.
Setting up a Django project requires a lot of key pieces to be in place already.
At work, we are currently busy building a report automation tool, using Django 1.6.4 for the frontend part of the application and some Python for the backend.
Basically, we define what a report looks like on the Django frontend, and then run some Python scripts on the backend to create the report we defined.
The beautiful thing about Django is how it interfaces with a database.
I’ve been at my new job for almost two years now. “New” from the perspective that the last time I blogged, I was still at my previous job.
The job involved something new: new software and new technology that I hadn’t worked with before. I went for an interview to become a Splunk Administrator.
Yeah, I said Splunk.
So what is Splunk?
I’ve left my blog neglected for too long and it’s long overdue for an overhaul.
I’ve learnt a lot in the last two years (or so) with regard to my tech skills, my personal life and, of course, what works and doesn’t work when it comes to blogging. I got tired of looking at the old page fill up with comment spam, so this morning I asked my service provider to do a hard reset of my account.